General
Target: a7a013d7986acf7478ec6b7cd0050967b09508407e6c667ba6e3f08d3010acec
Size: 1.4MB
Sample: 221130-3sv9pafd86
MD5: 3bf540d8f1925cc8aa0b365a5b46d799
SHA1: 414c5386bd93098ea2e7d5be51c51e338e55a2f2
SHA256: a7a013d7986acf7478ec6b7cd0050967b09508407e6c667ba6e3f08d3010acec
SHA512: 0b12e6d47d8b19bd2992be177ea4ce3ad8d8b156ebf17de0d8fc6dc9e84ceffb27bade2871f8fd16b7bb35cc08934fc4ee232b5879d61cf5f4bb264f0c8ea21c
SSDEEP: 24576:XbrzMQCsFN6kGl0Dzs34T62Y80ux3aDbpLEDqEE64C+23HLveIMyZ4TCpQ+PVVE:j7FccP9YmbmE0CFbe6qY
Static task: static1
Behavioral task: behavioral1
  Sample: a7a013d7986acf7478ec6b7cd0050967b09508407e6c667ba6e3f08d3010acec.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: a7a013d7986acf7478ec6b7cd0050967b09508407e6c667ba6e3f08d3010acec.exe
  Resource: win10v2004-20220901-en
Malware Config
Targets
Target: a7a013d7986acf7478ec6b7cd0050967b09508407e6c667ba6e3f08d3010acec
Score: 10/10
Modifies WinLogon for persistence
Modifies security service
Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
Uses the VBS compiler for execution
Adds Run key to start application
Drops file in System32 directory
Suspicious use of SetThreadContext