General
-
Target
9beb509ba9a71a75f22dcde38df546305f20669abf2c588fe6387f7d5573237b
-
Size
585KB
-
Sample
250703-gpcghst1bv
-
MD5
bf2f6ba63bb754c1a2476a97ca486bc6
-
SHA1
14762885af16b93fc0f246bb3ee29c68c1dc787b
-
SHA256
9beb509ba9a71a75f22dcde38df546305f20669abf2c588fe6387f7d5573237b
-
SHA512
1a2318bc1964569894fae541cd093839f741656b9ede2173320da6f39591af2938ff3e2c0941ba8ed59b38e9de5154db98e4bc6161010ec8d9e574b230773241
-
SSDEEP
6144:O82p4pFHfzMepymgWPnviP6Koa0nArn20l96tCF2eKNBDRlC8HQQDhy5OwbYBwMr:Ip4pNfz3ymJnJ8QCFkxCaQTOlOM64Rl
Static task
static1
Behavioral task
behavioral1
Sample
9beb509ba9a71a75f22dcde38df546305f20669abf2c588fe6387f7d5573237b.exe
Resource
win10v2004-20250619-en
Behavioral task
behavioral2
Sample
9beb509ba9a71a75f22dcde38df546305f20669abf2c588fe6387f7d5573237b.exe
Resource
win11-20250610-en
Malware Config
Targets
-
-
Target
9beb509ba9a71a75f22dcde38df546305f20669abf2c588fe6387f7d5573237b
-
Size
585KB
-
MD5
bf2f6ba63bb754c1a2476a97ca486bc6
-
SHA1
14762885af16b93fc0f246bb3ee29c68c1dc787b
-
SHA256
9beb509ba9a71a75f22dcde38df546305f20669abf2c588fe6387f7d5573237b
-
SHA512
1a2318bc1964569894fae541cd093839f741656b9ede2173320da6f39591af2938ff3e2c0941ba8ed59b38e9de5154db98e4bc6161010ec8d9e574b230773241
-
SSDEEP
6144:O82p4pFHfzMepymgWPnviP6Koa0nArn20l96tCF2eKNBDRlC8HQQDhy5OwbYBwMr:Ip4pNfz3ymJnJ8QCFkxCaQTOlOM64Rl
Score10/10-
Modifies WinLogon for persistence
-
Drops startup file
-
Executes dropped EXE
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-