General
-
Target
a4a63c06931335605088cbfb9ea936984dafe9a73cbe95562772bf5bd23dd891
-
Size
212KB
-
Sample
221129-jz262aba79
-
MD5
fbb81ac88bccec6aaed50f07ff754bb4
-
SHA1
a699d8a37ecbab522476ef2806f9494bca817c04
-
SHA256
a4a63c06931335605088cbfb9ea936984dafe9a73cbe95562772bf5bd23dd891
-
SHA512
df715ec60d783048e34bf94e9eef947d936c3a595eb6a8b9e1d4d2ff7c54d3f31404f9126b18f168e4a6a18ad2f48fdc4672988cf561621a89ca10ec72375919
-
SSDEEP
6144:riMmXRH6pXfSb0ceR/VFAHh1kgcs0HW1kyApZW199:ZMMpXKb0hNGh1kG0HWnAO199
Behavioral task
behavioral1
Sample
a4a63c06931335605088cbfb9ea936984dafe9a73cbe95562772bf5bd23dd891.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
a4a63c06931335605088cbfb9ea936984dafe9a73cbe95562772bf5bd23dd891.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
a4a63c06931335605088cbfb9ea936984dafe9a73cbe95562772bf5bd23dd891
-
Score
10/10
-
Modifies WinLogon for persistence
-
Executes dropped EXE
-
Drops startup file
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-