General
Target: 97e6d3159aaf33a7d7d8c8541b1adadf1f04b9cf492584b31d0b67a9dfd32056
Size: 120KB
Sample: 221201-a6hljadf5w
MD5: f67add38f08d559a49dd002228b58e01
SHA1: ab77fb1945192dfd58aa271dcd90df406ac467cf
SHA256: 97e6d3159aaf33a7d7d8c8541b1adadf1f04b9cf492584b31d0b67a9dfd32056
SHA512: f1e6cca4493ecf53e21e65060d80539ee0d32566376f1fc37740994160a6f5bc5a960e3d794cffc0d6bdaf96f592d7f98c31606ca7a75f5c8c68cbe4947d05af
SSDEEP: 1536:rk3eKNkTSdCS1isFqn+kVDX2FrsqtjEieir6rqAXiN3xOJ8yWkpCg8snE38i38uU:w3eVT89qzGFrftLorvXiHu8sE938ulnW
Static task: static1
Behavioral task: behavioral1
Sample: 97e6d3159aaf33a7d7d8c8541b1adadf1f04b9cf492584b31d0b67a9dfd32056.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 97e6d3159aaf33a7d7d8c8541b1adadf1f04b9cf492584b31d0b67a9dfd32056.exe
Resource: win10v2004-20220901-en
Malware Config
Targets
Target: 97e6d3159aaf33a7d7d8c8541b1adadf1f04b9cf492584b31d0b67a9dfd32056
Score: 8/10
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
Modifies WinLogon
Suspicious use of SetThreadContext