General
-
Target
4fb6de343063cc21bceaf9ca8c9a00a12177f4512f8dcf42b124445aaeeb059b
-
Size
704KB
-
Sample
250703-f7cpkahq7s
-
MD5
da90309be5c1a6e85fd9e5c59a4808be
-
SHA1
4cc27170476c23d9e2a38708a3c38f4173d0d3cc
-
SHA256
4fb6de343063cc21bceaf9ca8c9a00a12177f4512f8dcf42b124445aaeeb059b
-
SHA512
99a2fc0df426218a4a41f4fd43a5fb0c143f43dad9bcf4ca496be48d47763c9d96bed457db89036ae1a57afc6bc9248a77eca69f0d8da309b6f420fafb659a88
-
SSDEEP
12288:Ip4pNfz3ymJnJ8QCFkxCaQTOlOM64hY8+5MtnKrIdq:iEtl9mRda1d+5KKj
Static task
static1
Behavioral task
behavioral1
Sample
4fb6de343063cc21bceaf9ca8c9a00a12177f4512f8dcf42b124445aaeeb059b.exe
Resource
win10v2004-20250610-en
Malware Config
Targets
-
-
Target
4fb6de343063cc21bceaf9ca8c9a00a12177f4512f8dcf42b124445aaeeb059b
-
Size
704KB
-
MD5
da90309be5c1a6e85fd9e5c59a4808be
-
SHA1
4cc27170476c23d9e2a38708a3c38f4173d0d3cc
-
SHA256
4fb6de343063cc21bceaf9ca8c9a00a12177f4512f8dcf42b124445aaeeb059b
-
SHA512
99a2fc0df426218a4a41f4fd43a5fb0c143f43dad9bcf4ca496be48d47763c9d96bed457db89036ae1a57afc6bc9248a77eca69f0d8da309b6f420fafb659a88
-
SSDEEP
12288:Ip4pNfz3ymJnJ8QCFkxCaQTOlOM64hY8+5MtnKrIdq:iEtl9mRda1d+5KKj
Score10/10-
Modifies WinLogon for persistence
-
Drops startup file
-
Executes dropped EXE
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-