General
-
Target
9c00dc166ac6c7e818a8663d1133341bc654ae731762786212bd97664f460a79
-
Size
833KB
-
Sample
250703-glxy2svm17
-
MD5
9f9c36535f3e71566dd630a745d1d5b6
-
SHA1
2ce2c08fad453301c717672c4be82e68e5f039f1
-
SHA256
9c00dc166ac6c7e818a8663d1133341bc654ae731762786212bd97664f460a79
-
SHA512
4f06c9b57692d78465baeb15325f61084a1aea684d0f1a7476ae598df3adeaa15cb510c39d38025996caa45d94b806960e13cbc364c1a36dd71ef36b86aeb4d8
-
SSDEEP
12288:Ip4pNfz3ymJnJ8QCFkxCaQTOlOM64hY8+5MtnKrIMhP7UQ2sJu:iEtl9mRda1d+5KKPJUAu
Static task
static1
Behavioral task
behavioral1
Sample
9c00dc166ac6c7e818a8663d1133341bc654ae731762786212bd97664f460a79.exe
Resource
win10v2004-20250610-en
Behavioral task
behavioral2
Sample
9c00dc166ac6c7e818a8663d1133341bc654ae731762786212bd97664f460a79.exe
Resource
win11-20250619-en
Malware Config
Targets
Target
9c00dc166ac6c7e818a8663d1133341bc654ae731762786212bd97664f460a79
-
Score
10/10
-
Modifies WinLogon for persistence
-
Drops startup file
-
Executes dropped EXE
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-