General
-
Target
3726debd83b62c62b44cf71b978618df60107945c47ee428e3e1aa1bd2c3b6a7N.exe
-
Size
346KB
-
Sample
241112-sr77ravhpc
-
MD5
c587fd4e8d313c623935d953ecbb3720
-
SHA1
92ba834ea60e115e8b50b092ce06d8a9655b1085
-
SHA256
3726debd83b62c62b44cf71b978618df60107945c47ee428e3e1aa1bd2c3b6a7
-
SHA512
bc05fd0b15cd5adcac59b2ca4e6b49cb8c71ffddcd170a4791cae94103db29879b21752d65efd16d683f19beb3ef5af8e38dea82ffc3ff71314920a302403798
-
SSDEEP
6144:i75GR5GGCraK5GGCraByibSxbSuw5syJag558ag55c21rCag558jEqP9:itSIawIaBy8eM5syX5u5mMS5qV
Malware Config
Targets
-
-
Target
3726debd83b62c62b44cf71b978618df60107945c47ee428e3e1aa1bd2c3b6a7N.exe
-
Size
346KB
-
MD5
c587fd4e8d313c623935d953ecbb3720
-
SHA1
92ba834ea60e115e8b50b092ce06d8a9655b1085
-
SHA256
3726debd83b62c62b44cf71b978618df60107945c47ee428e3e1aa1bd2c3b6a7
-
SHA512
bc05fd0b15cd5adcac59b2ca4e6b49cb8c71ffddcd170a4791cae94103db29879b21752d65efd16d683f19beb3ef5af8e38dea82ffc3ff71314920a302403798
-
SSDEEP
6144:i75GR5GGCraK5GGCraByibSxbSuw5syJag558ag55c21rCag558jEqP9:itSIawIaBy8eM5syX5u5mMS5qV
Score10/10-
Modifies WinLogon for persistence
-
Drops file in Drivers directory
-
Sets service image path in registry
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Adds Run key to start application
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Modifies WinLogon
-
Drops file in System32 directory
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-