General
-
Target
c68517612314284756b0a16dae19002b126a4e88d03a4d1a2e1ede75aa09a17e
-
Size
183KB
-
Sample
221129-jzxljsba69
-
MD5
780c3616ca3d0c6853f006a2fff09dd4
-
SHA1
c1a7c4d0d1521fbcac532eb652645d8851d12dbd
-
SHA256
c68517612314284756b0a16dae19002b126a4e88d03a4d1a2e1ede75aa09a17e
-
SHA512
6eab73b3938929fb724482604fef4f58196eea9014538c6ad9bc834080982e73f8329911f726e30c78e61312d879bab8b97e9374b4b1928058df460df85a139c
-
SSDEEP
3072:rimsXXK9HRTOeriRfP6pXfSb0dspqc5oY0htVFAHT11Ual21Cxcs0HKAH057kyJx:riMmXRH6pXfSb0ceR/VFAHh1kgcs0HWL
Behavioral task
behavioral1
Sample
c68517612314284756b0a16dae19002b126a4e88d03a4d1a2e1ede75aa09a17e.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
c68517612314284756b0a16dae19002b126a4e88d03a4d1a2e1ede75aa09a17e.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
Target
c68517612314284756b0a16dae19002b126a4e88d03a4d1a2e1ede75aa09a17e
-
Score
10/10
-
Modifies WinLogon for persistence
-
Executes dropped EXE
-
Drops startup file
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-