General
Target: sample
Size: 19KB
Sample: 240517-qagblaab4x
MD5: 8c0b2721020d3eedb6e5d9c21bdcd53d
SHA1: 1bd71ad7eede70b76c7c107122bbb6a561d7df96
SHA256: 8278337660fa2460d7664cedef6f6a7b9eb4a6b14956a074e1b467550fe23ef8
SHA512: 4409ab5cbc6bd01c8a54da3aecca93273cdf322036f5641e74de6236d744762b0563efd90724bd7681b9f50cb9b1e1550fe5b5497dc2b9c8878261d9016b108b
SSDEEP: 384:rHViETDpmReVoOs4ki9ylKeGMrU8HhhbHeA7Fo2paWhOwob0B+AIJCgMmV6:r17BVoOs4kmyI1MTBhb++EWhOwob0kJO
Static task: static1
Behavioral task: behavioral1
Sample: sample.html
Resource: win10-20240404-en
Malware Config
Targets
Target: sample
Score: 10/10
- Modifies WinLogon for persistence
- Disables Task Manager via registry modification
- Possible privilege escalation attempt
- Executes dropped EXE
- Modifies file permissions
- Legitimate hosting services abused for malware hosting/C2
- Drops file in System32 directory