Overview (overview): 8
Static (static): 1
LogonFuck.exe (windows7-x64): 8
LogonFuck.exe (windows10-2004-x64): 8
LogonFuck.exe (android-9-x86)
LogonFuck.exe (android-10-x64)
LogonFuck.exe (android-11-x64)
LogonFuck.exe (macos-10.15-amd64): 6
LogonFuck.exe (ubuntu-18.04-amd64)
LogonFuck.exe (debian-9-armhf)
LogonFuck.exe (debian-9-mips)
LogonFuck.exe (debian-9-mipsel)
General
-
Target
LogonFuck.exe
-
Size
8.1MB
-
Sample
230326-s7whwsba41
-
MD5
7ee3aeb93b0fa8dc34893e8b3c0f5510
-
SHA1
faedf76ced4d16de8832d084be985ed8b32cf20d
-
SHA256
78a7a05316929dddcba6788429eeec08b5428590b89b8d272bd79471f0b6a4d8
-
SHA512
fba2326c80a69841fa9c97198aa69b0b019fffa591a5f7bd8b38da99f8eb8baa0662c8a4dc751ec38dc7892097175f3b760a7d7e1116aaeeb4b2ffe04b821d29
-
SSDEEP
196608:WIAlVbD80eclAADocTlPP6H442TXmN1baBwPWQySi6dFNq:FaD80ecaAsqVjlXm7bR+Q95d
Static task: static1
Behavioral task behavioral1: Sample LogonFuck.exe, Resource win7-20230220-en
Behavioral task behavioral2: Sample LogonFuck.exe, Resource win10v2004-20230221-en
Behavioral task behavioral3: Sample LogonFuck.exe, Resource android-x86-arm-20220823-en
Behavioral task behavioral4: Sample LogonFuck.exe, Resource android-x64-20220823-en
Behavioral task behavioral5: Sample LogonFuck.exe, Resource android-x64-arm64-20220823-en
Behavioral task behavioral6: Sample LogonFuck.exe, Resource macos-20220504-en
Behavioral task behavioral7: Sample LogonFuck.exe, Resource ubuntu1804-amd64-en-20211208
Behavioral task behavioral8: Sample LogonFuck.exe, Resource debian9-armhf-20221111-en
Behavioral task behavioral9: Sample LogonFuck.exe, Resource debian9-mipsbe-en-20211208
Behavioral task behavioral10: Sample LogonFuck.exe, Resource debian9-mipsel-20221111-en
Malware Config
Targets
-
-
Target
LogonFuck.exe
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Modifies file permissions
-
Legitimate hosting services abused for malware hosting/C2
-
Drops file in System32 directory
-