General
-
Target
6de7dd44971d5f22389b257a3b2a9ff28fef2561238e2f15653642ec26f566c2
-
Size
769KB
-
Sample
250703-gk1csavmz9
-
MD5
77fd34883b7edada32d7173ab1dd680d
-
SHA1
3186a8892091943902155944b719329f2a4311be
-
SHA256
6de7dd44971d5f22389b257a3b2a9ff28fef2561238e2f15653642ec26f566c2
-
SHA512
ef16aa70b68776f5d3fc1f9509145b7f273a00910e8199b783e6e0f11e220100ad17c9632a68ee78c8abe59683b7bdaead1ee8550292db5f1a1edeb397a1db96
-
SSDEEP
12288:Ip4pNfz3ymJnJ8QCFkxCaQTOlOM64hY8+5MtnKrIrHS7r:iEtl9mRda1d+5KKIyn
Static task
static1
Behavioral task
behavioral1
Sample
6de7dd44971d5f22389b257a3b2a9ff28fef2561238e2f15653642ec26f566c2.exe
Resource
win10v2004-20250619-en
Behavioral task
behavioral2
Sample
6de7dd44971d5f22389b257a3b2a9ff28fef2561238e2f15653642ec26f566c2.exe
Resource
win11-20250619-en
Malware Config
Targets
-
-
Target
6de7dd44971d5f22389b257a3b2a9ff28fef2561238e2f15653642ec26f566c2
-
Size
769KB
-
MD5
77fd34883b7edada32d7173ab1dd680d
-
SHA1
3186a8892091943902155944b719329f2a4311be
-
SHA256
6de7dd44971d5f22389b257a3b2a9ff28fef2561238e2f15653642ec26f566c2
-
SHA512
ef16aa70b68776f5d3fc1f9509145b7f273a00910e8199b783e6e0f11e220100ad17c9632a68ee78c8abe59683b7bdaead1ee8550292db5f1a1edeb397a1db96
-
SSDEEP
12288:Ip4pNfz3ymJnJ8QCFkxCaQTOlOM64hY8+5MtnKrIrHS7r:iEtl9mRda1d+5KKIyn
Score10/10-
Modifies WinLogon for persistence
-
Drops startup file
-
Executes dropped EXE
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-