General
-
Target
6fb9e367296a89650720e7a08d68da70de8b1a1bb6f768237e4cf7a8360e3ed1
-
Size
833KB
-
Sample
250703-gnvlpsfm3x
-
MD5
2baf87ceb15f5dcca5a6c575d042508f
-
SHA1
1842f2c23d2a42c40264092c6715c14ff4d63377
-
SHA256
6fb9e367296a89650720e7a08d68da70de8b1a1bb6f768237e4cf7a8360e3ed1
-
SHA512
47a151671399d12bde4813bdc47714f43313e873a2e274f66edae6a122221fab0ee0406df76e6bae2f3321ffba8aed4cabb7017ebb49a9340d00f43acdedd41e
-
SSDEEP
12288:Ip4pNfz3ymJnJ8QCFkxCaQTOlOM64hY8+5MtnKrIThP7UQ2sJw:iEtl9mRda1d+5KKUJUAw
Static task
static1
Behavioral task
behavioral1
Sample
6fb9e367296a89650720e7a08d68da70de8b1a1bb6f768237e4cf7a8360e3ed1.exe
Resource
win10v2004-20250619-en
Malware Config
Targets
Score
10/10
-
Modifies WinLogon for persistence
-
Drops startup file
-
Executes dropped EXE
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-