General
-
Target
2024-04-08_ecd8c1ab47e146108b0ff40d511a20fd_virlock
-
Size
245KB
-
Sample
240408-nygwxsbg2x
-
MD5
ecd8c1ab47e146108b0ff40d511a20fd
-
SHA1
96eed85ecdf235f3a3b67f26db5eed0dd20afff6
-
SHA256
0e997cc6861c258a2a2de4a85fb8b136069ac491ac2a8c07006c5622be7df891
-
SHA512
7a750c0b5addb8b32675b9f41573429e55ea9eedf9645bfb63da6139662574d7a27db9d8180960ee89e0c19afd29626c306d63309223ece747f396eacc88dda9
-
SSDEEP
6144:GLzVhF3iMfyRozut7c2ydjnqNP8CagWyT:GXDFyMKRoCt9ydjnqNPba8T
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-08_ecd8c1ab47e146108b0ff40d511a20fd_virlock.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-08_ecd8c1ab47e146108b0ff40d511a20fd_virlock.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-04-08_ecd8c1ab47e146108b0ff40d511a20fd_virlock
-
Size
245KB
-
MD5
ecd8c1ab47e146108b0ff40d511a20fd
-
SHA1
96eed85ecdf235f3a3b67f26db5eed0dd20afff6
-
SHA256
0e997cc6861c258a2a2de4a85fb8b136069ac491ac2a8c07006c5622be7df891
-
SHA512
7a750c0b5addb8b32675b9f41573429e55ea9eedf9645bfb63da6139662574d7a27db9d8180960ee89e0c19afd29626c306d63309223ece747f396eacc88dda9
-
SSDEEP
6144:GLzVhF3iMfyRozut7c2ydjnqNP8CagWyT:GXDFyMKRoCt9ydjnqNPba8T
Score10/10-
Modifies visibility of file extensions in Explorer
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1