General
-
Target
cb2ba9ccdb9029771747844d79baa1cffdf68239a25396f9641b70eb52f1ddf8
-
Size
825KB
-
Sample
221202-v6ymzahd97
-
MD5
8ee96064220b9576479c458e2ad51411
-
SHA1
ef27c1347df38df970d6d0ac9c3330c60d032dbb
-
SHA256
cb2ba9ccdb9029771747844d79baa1cffdf68239a25396f9641b70eb52f1ddf8
-
SHA512
74658cad0d8b38191e90e068e3e7bb7429e7e3a41555a5fadf33b6118ac36e8f4f1b8e5de20c17a340985285e7899c104d1eb5f5e8074c5dc193b934dc016f8a
-
SSDEEP
12288:GPcF55DQMSjPaiibTKQZEHi3usCJbGwVHxxhqW+yeGUqG2RKSC:GPGUVPanKMZ35CJCw3rY41n
Static task
static1
Behavioral task
behavioral1
Sample
cb2ba9ccdb9029771747844d79baa1cffdf68239a25396f9641b70eb52f1ddf8.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
cb2ba9ccdb9029771747844d79baa1cffdf68239a25396f9641b70eb52f1ddf8.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
-
Target
cb2ba9ccdb9029771747844d79baa1cffdf68239a25396f9641b70eb52f1ddf8
-
Score
10/10
-
Modifies WinLogon for persistence
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-