General
-
Target
cdb35d164336b889c4e5f8e6d336b179
-
Size
122KB
-
Sample
240316-lf16qsgb6z
-
MD5
cdb35d164336b889c4e5f8e6d336b179
-
SHA1
5c2bc02bcf32846275dc0c396a1bf278b1e9fa9d
-
SHA256
70c95afec201ec4248a126cef8e963a407029a986ba225efa537b2575ecfa85b
-
SHA512
84f754bfc8934dd817b4abdcd89fb7b8d9a757181e849e0581ecdf21d8258592976c94798469205614c83da4955a1e9847cd11b0cad61a5ae17b05b47af38270
-
SSDEEP
3072:62ScCYWi1iT3yKMSIxvxj7yU82LNtedVk1H8m0/IKGwhqZab:62SWgCjSIxhv/j1cm0p
Malware Config
Targets
-
-
Target
cdb35d164336b889c4e5f8e6d336b179
-
Size
122KB
-
MD5
cdb35d164336b889c4e5f8e6d336b179
-
SHA1
5c2bc02bcf32846275dc0c396a1bf278b1e9fa9d
-
SHA256
70c95afec201ec4248a126cef8e963a407029a986ba225efa537b2575ecfa85b
-
SHA512
84f754bfc8934dd817b4abdcd89fb7b8d9a757181e849e0581ecdf21d8258592976c94798469205614c83da4955a1e9847cd11b0cad61a5ae17b05b47af38270
-
SSDEEP
3072:62ScCYWi1iT3yKMSIxvxj7yU82LNtedVk1H8m0/IKGwhqZab:62SWgCjSIxhv/j1cm0p
Score10/10-
Modifies WinLogon for persistence
-
Disables RegEdit via registry modification
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-