General
-
Target
3b657e7ff1bf1f59e6e59595c60eee3b03fda8a9913de3f280157ca77db12481
-
Size
724KB
-
Sample
250703-glahrafl7x
-
MD5
633809430fc122569303dfe9a99b4f2d
-
SHA1
307bc2eeb1b07a97093b19bc4576679798348af9
-
SHA256
3b657e7ff1bf1f59e6e59595c60eee3b03fda8a9913de3f280157ca77db12481
-
SHA512
d2493ad8dc8065c6cf6cd6abc1d58273216ada962ffe1b418b5d71cbb66e0dd23fb09f179501482d8f546bd1289af76ed5f2e512891107993e0c829cec5886a6
-
SSDEEP
12288:Ip4pNfz3ymJnJ8QCFkxCaQTOlOM64hY8+5MtnKrIJqLv:iEtl9mRda1d+5KKB
Static task
static1
Behavioral task
behavioral1
Sample
3b657e7ff1bf1f59e6e59595c60eee3b03fda8a9913de3f280157ca77db12481.exe
Resource
win10v2004-20250610-en
Malware Config
Targets
-
-
Target
3b657e7ff1bf1f59e6e59595c60eee3b03fda8a9913de3f280157ca77db12481
-
Size
724KB
-
MD5
633809430fc122569303dfe9a99b4f2d
-
SHA1
307bc2eeb1b07a97093b19bc4576679798348af9
-
SHA256
3b657e7ff1bf1f59e6e59595c60eee3b03fda8a9913de3f280157ca77db12481
-
SHA512
d2493ad8dc8065c6cf6cd6abc1d58273216ada962ffe1b418b5d71cbb66e0dd23fb09f179501482d8f546bd1289af76ed5f2e512891107993e0c829cec5886a6
-
SSDEEP
12288:Ip4pNfz3ymJnJ8QCFkxCaQTOlOM64hY8+5MtnKrIJqLv:iEtl9mRda1d+5KKB
Score10/10-
Modifies WinLogon for persistence
-
Drops startup file
-
Executes dropped EXE
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-