General
-
Target
160626202b482baa2c31effc6f07b8f7
-
Size
15KB
-
Sample
231230-mlcwrscdb5
-
MD5
160626202b482baa2c31effc6f07b8f7
-
SHA1
c2f3b4a1c7dbb29d005a1ca2490f6824fa27e265
-
SHA256
f494a04c4cc4fcd977a7eb5792af49cf3b7f4a1bcf8144958312bbde15a9dfd9
-
SHA512
9e902e901e9b51740d7c193b5a50482a2743b864c414f1e932eb3892ea552d47fa91856885be0589d19b6979269f497b9c0f149dcad3e249cafb0716f32c1682
-
SSDEEP
384:ilEIUCB+pLmtBjnmGSnviRryT9OT2TI9NtZVFAAAAAAAwX:kEjC0pSBjnkvy4OT2iXZj
Malware Config
Targets
-
-
Target
160626202b482baa2c31effc6f07b8f7
-
Size
15KB
-
MD5
160626202b482baa2c31effc6f07b8f7
-
SHA1
c2f3b4a1c7dbb29d005a1ca2490f6824fa27e265
-
SHA256
f494a04c4cc4fcd977a7eb5792af49cf3b7f4a1bcf8144958312bbde15a9dfd9
-
SHA512
9e902e901e9b51740d7c193b5a50482a2743b864c414f1e932eb3892ea552d47fa91856885be0589d19b6979269f497b9c0f149dcad3e249cafb0716f32c1682
-
SSDEEP
384:ilEIUCB+pLmtBjnmGSnviRryT9OT2TI9NtZVFAAAAAAAwX:kEjC0pSBjnkvy4OT2iXZj
Score10/10-
Modifies WinLogon for persistence
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-