General
Target: 95e3c55388d6d76c6d370fa6352b9e41e7c03583794fb3eab0056f084b75a9d6
Size: 3.2MB
Sample: 250703-gk97zsvm14
MD5: 565fd2a76be9db18d757cd5abde3825b
SHA1: 305670f4fdc298a6e9147359565af7a12e12434d
SHA256: 95e3c55388d6d76c6d370fa6352b9e41e7c03583794fb3eab0056f084b75a9d6
SHA512: ae7b0b2b4726a2e8c07b61b19f9455d3e8878fadd8aeb4dec56820eab298bb0220a79455e159d1f36fbf5a18b7701474cb9a4930b4cfe0fe02ef499fb506ea1c
SSDEEP: 98304:5E2bS/Yy5j69xFMbGnvno/XRivB7MqU+Jsv/U6sj3CR:5nbBh95vnofRivB7MCJsvcxj3CR
Static task: static1
Behavioral task: behavioral1
  Sample: 95e3c55388d6d76c6d370fa6352b9e41e7c03583794fb3eab0056f084b75a9d6.exe
  Resource: win10v2004-20250502-en
Behavioral task: behavioral2
  Sample: 95e3c55388d6d76c6d370fa6352b9e41e7c03583794fb3eab0056f084b75a9d6.exe
  Resource: win11-20250610-en
Malware Config
Targets
Target: 95e3c55388d6d76c6d370fa6352b9e41e7c03583794fb3eab0056f084b75a9d6
Score: 10/10
Modifies WinLogon for persistence
Drops startup file
Executes dropped EXE
Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
Drops file in System32 directory