General
-
Target
OIP.jpg
-
Size
34KB
-
Sample
250502-q5hg5scn3w
-
MD5
9f352749515b33c53fd6dcdf9c08fa02
-
SHA1
11c6b29d177f2262a53613aa6d995b96f6b58378
-
SHA256
67b777e4fa23202de3c10f3788929b1fbbd92d9b0bc8bcf249bc34cf230f0c1f
-
SHA512
58f91a251cb3c56a6190c8e4279f8e98c909b33214b935d0e58388a40ee281c82a736ad45b8186e8be360622d7d8aee954d82abd16f192d32ff2ad44427ef7db
-
SSDEEP
768:zSYCMfFYFiijuob5LDe0fe1hM8PNqNCueShnw+DIzpXZC33mPo:zkM9YFiuuoNLq6SvkKS1IzpJCnB
Static task
static1
Behavioral task
behavioral1
Sample
OIP.jpg
Resource
win10v2004-20250410-en
Malware Config
Targets
-
-
Target
OIP.jpg
-
Size
34KB
-
MD5
9f352749515b33c53fd6dcdf9c08fa02
-
SHA1
11c6b29d177f2262a53613aa6d995b96f6b58378
-
SHA256
67b777e4fa23202de3c10f3788929b1fbbd92d9b0bc8bcf249bc34cf230f0c1f
-
SHA512
58f91a251cb3c56a6190c8e4279f8e98c909b33214b935d0e58388a40ee281c82a736ad45b8186e8be360622d7d8aee954d82abd16f192d32ff2ad44427ef7db
-
SSDEEP
768:zSYCMfFYFiijuob5LDe0fe1hM8PNqNCueShnw+DIzpXZC33mPo:zkM9YFiuuoNLq6SvkKS1IzpJCnB
-
Disables Task Manager via registry modification
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Legitimate hosting services abused for malware hosting/C2
-
Modifies WinLogon
-
Sets desktop wallpaper using registry
-