General
-
Target
0308e4b5aea42101bd4694d277279553.exe
-
Size
247KB
-
Sample
240101-yl7a6aggdl
-
MD5
0308e4b5aea42101bd4694d277279553
-
SHA1
d0a80d2cc0c60311f59aca22ffb7954342460e2e
-
SHA256
7cfe55870559fc1834fc0f383001f75c373d701e794bcae2121fa2ca61538f06
-
SHA512
12ec74eed3ca2152ce55d1bfc8f9943058d69cae61053a6345f2b0fed9217823e968fecfef4faa419e360b57d6b2c097c7c0035d8761b1b5d72df35da491a044
-
SSDEEP
6144:LLf7GEIC/+gEYMKd1UGg80wcFPnvt7eaxj7WqK:L774CGgBd+zPrhvMo7Wq
Malware Config
Targets
-
-
Target
0308e4b5aea42101bd4694d277279553.exe
-
Size
247KB
-
MD5
0308e4b5aea42101bd4694d277279553
-
SHA1
d0a80d2cc0c60311f59aca22ffb7954342460e2e
-
SHA256
7cfe55870559fc1834fc0f383001f75c373d701e794bcae2121fa2ca61538f06
-
SHA512
12ec74eed3ca2152ce55d1bfc8f9943058d69cae61053a6345f2b0fed9217823e968fecfef4faa419e360b57d6b2c097c7c0035d8761b1b5d72df35da491a044
-
SSDEEP
6144:LLf7GEIC/+gEYMKd1UGg80wcFPnvt7eaxj7WqK:L774CGgBd+zPrhvMo7Wq
Score10/10-
Modifies WinLogon for persistence
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-