General
-
Target
8e984f256c902537a9c0796e7a102af64b7b961ab3470082afc6028b54381d1a
-
Size
608KB
-
Sample
250703-gn92dsfm4z
-
MD5
8f9c615823c162a24cff074bfbba83f1
-
SHA1
16ae4cb4d895a094c2858c9c779ddaf6d72dd990
-
SHA256
8e984f256c902537a9c0796e7a102af64b7b961ab3470082afc6028b54381d1a
-
SHA512
8bdbd2dfc8a50870be6a65d185a4d52a690ccadca888dca949101c8ef8e5a8ebbf9cce32443ed5aeedc23aaa23c8c7f90c84cf50e20086eaa996f11467a150bd
-
SSDEEP
6144:O82p4pFHfzMepymgWPnviP6Koa0nArn20l96tCF2eKNBDRlC8HQQDhy5OwbYBwM5:Ip4pNfz3ymJnJ8QCFkxCaQTOlOM64RL
Static task
static1
Behavioral task
behavioral1
Sample
8e984f256c902537a9c0796e7a102af64b7b961ab3470082afc6028b54381d1a.exe
Resource
win10v2004-20250502-en
Malware Config
Targets
-
-
Target
8e984f256c902537a9c0796e7a102af64b7b961ab3470082afc6028b54381d1a
-
Score
10/10
-
Modifies WinLogon for persistence
-
Drops startup file
-
Executes dropped EXE
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-