General
-
Target
f5ad50d000e4d46e2cdd1baa2c1e77798a3db1ec26905c17ffb690612894092a
-
Size
60KB
-
Sample
221201-th4cwahg4w
-
MD5
fa1c17994b098ff3047865119f4274ce
-
SHA1
be4fab43570fc69168bc2cbc399945122d5cd735
-
SHA256
f5ad50d000e4d46e2cdd1baa2c1e77798a3db1ec26905c17ffb690612894092a
-
SHA512
7170393fb7dafae496e922420ba989d564dd0f41f5244aa145da655d004bb2cb470d037e05f377b1feefa0715cc31b11aea1b1c6b49bade29b23597a845e0741
-
SSDEEP
1536:1k3eKNkTSdCS1isFqn+kVDX2FrsqtjEieir6rqAXiN3xOJ8yWkh:u3eVT89qzGFrftLorvXiHS
Malware Config
Targets
-
-
Target
f5ad50d000e4d46e2cdd1baa2c1e77798a3db1ec26905c17ffb690612894092a
-
Size
60KB
-
MD5
fa1c17994b098ff3047865119f4274ce
-
SHA1
be4fab43570fc69168bc2cbc399945122d5cd735
-
SHA256
f5ad50d000e4d46e2cdd1baa2c1e77798a3db1ec26905c17ffb690612894092a
-
SHA512
7170393fb7dafae496e922420ba989d564dd0f41f5244aa145da655d004bb2cb470d037e05f377b1feefa0715cc31b11aea1b1c6b49bade29b23597a845e0741
-
SSDEEP
1536:1k3eKNkTSdCS1isFqn+kVDX2FrsqtjEieir6rqAXiN3xOJ8yWkh:u3eVT89qzGFrftLorvXiHS
Score8/10-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Modifies WinLogon
-
Suspicious use of SetThreadContext
-