General
Target: c25119e4c431ccf4340539e3833d05b3
Size: 368KB
Sample: 240312-dr5djaeg9s
MD5: c25119e4c431ccf4340539e3833d05b3
SHA1: 5b604bd15d3a864fe6c7a3262a69def5bf61ab1c
SHA256: 9631acf789f74155979969f5345f3c057d1522287b1e1145f1bf6c7f0d678e69
SHA512: e77ad891144679e2e3d0eba3586143b5df45284dae6a92e5c1f3c452ebcabdef8d9b33f1c6129894dc8b61f37561a4826abfba8163d5cc564ec2fd7ec27c9d2f
SSDEEP: 6144:z7OSgRuehAjP4WN52HTqjNPUF7x6y1Z1lqUylcD3PwcNWiW4QGYBjxYnnRt7xqGa:bgRuehAjP4WN52HTqjNPUF7x66yqD8f9
Static task: static1
Behavioral task: behavioral1
Sample: c25119e4c431ccf4340539e3833d05b3.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: c25119e4c431ccf4340539e3833d05b3.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: c25119e4c431ccf4340539e3833d05b3
Score: 10/10
Modifies WinLogon for persistence
Disables RegEdit via registry modification
Disables Task Manager via registry modification
Modifies Installed Components in the registry
Loads dropped DLL
Adds Run key to start application
Modifies WinLogon
Suspicious use of SetThreadContext