General
-
Target
c2cbc2bfbdd15ca2fd57247bc0f826f765de6fecf11ed3adf47f6f8a610c7e7e
-
Size
692KB
-
Sample
250703-gn3mbafm4w
-
MD5
e533a87db64e8a60005cdfee5b3a001f
-
SHA1
1739ae8a57985d0012ec6100b450a253d22afc78
-
SHA256
c2cbc2bfbdd15ca2fd57247bc0f826f765de6fecf11ed3adf47f6f8a610c7e7e
-
SHA512
375405a2cc98196d7ff37b291fcf385dcb9e0671d14a94f3ba1ffbf424299f51386706c6ee4776679f723ae5f4dcf0c71654c40a6f14f36afae8e894b508e822
-
SSDEEP
12288:Ip4pNfz3ymJnJ8QCFkxCaQTOlOM64hY8+5MtnKrID:iEtl9mRda1d+5KKA
Static task
static1
Behavioral task
behavioral1
Sample
c2cbc2bfbdd15ca2fd57247bc0f826f765de6fecf11ed3adf47f6f8a610c7e7e.exe
Resource
win10v2004-20250502-en
Malware Config
Targets
-
-
Target
c2cbc2bfbdd15ca2fd57247bc0f826f765de6fecf11ed3adf47f6f8a610c7e7e
-
Size
692KB
-
MD5
e533a87db64e8a60005cdfee5b3a001f
-
SHA1
1739ae8a57985d0012ec6100b450a253d22afc78
-
SHA256
c2cbc2bfbdd15ca2fd57247bc0f826f765de6fecf11ed3adf47f6f8a610c7e7e
-
SHA512
375405a2cc98196d7ff37b291fcf385dcb9e0671d14a94f3ba1ffbf424299f51386706c6ee4776679f723ae5f4dcf0c71654c40a6f14f36afae8e894b508e822
-
SSDEEP
12288:Ip4pNfz3ymJnJ8QCFkxCaQTOlOM64hY8+5MtnKrID:iEtl9mRda1d+5KKA
Score10/10-
Modifies WinLogon for persistence
-
Drops startup file
-
Executes dropped EXE
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-