General
-
Target
024d19e37bbd71572d78b6e2b0c352410b6f4a8000da863c9bb68e0c1ee1763e
-
Size
1.3MB
-
Sample
250703-gphzasvnv4
-
MD5
929b0c4deba7b67a155e29e97c1daa68
-
SHA1
144196264911963c087076b733ecf9c27be2ac7e
-
SHA256
024d19e37bbd71572d78b6e2b0c352410b6f4a8000da863c9bb68e0c1ee1763e
-
SHA512
ee3ba52774822341fd8e562f1b703a3492c6484a169c9906c6e1398a8fcda5cd9b8a7b8a86dc70fb093b3aa303e2daf8cc44b00447f54cf5821c0ba7a3e81721
-
SSDEEP
24576:iEtl9mRda1d+5KKxywZK1V1qfUWv4WINuI4:5Es1I7haCrvmND4
Static task
static1
Behavioral task
behavioral1
Sample
024d19e37bbd71572d78b6e2b0c352410b6f4a8000da863c9bb68e0c1ee1763e.exe
Resource
win10v2004-20250502-en
Behavioral task
behavioral2
Sample
024d19e37bbd71572d78b6e2b0c352410b6f4a8000da863c9bb68e0c1ee1763e.exe
Resource
win11-20250610-en
Malware Config
Targets
-
-
Target
024d19e37bbd71572d78b6e2b0c352410b6f4a8000da863c9bb68e0c1ee1763e
-
Size
1.3MB
-
MD5
929b0c4deba7b67a155e29e97c1daa68
-
SHA1
144196264911963c087076b733ecf9c27be2ac7e
-
SHA256
024d19e37bbd71572d78b6e2b0c352410b6f4a8000da863c9bb68e0c1ee1763e
-
SHA512
ee3ba52774822341fd8e562f1b703a3492c6484a169c9906c6e1398a8fcda5cd9b8a7b8a86dc70fb093b3aa303e2daf8cc44b00447f54cf5821c0ba7a3e81721
-
SSDEEP
24576:iEtl9mRda1d+5KKxywZK1V1qfUWv4WINuI4:5Es1I7haCrvmND4
Score10/10-
Modifies WinLogon for persistence
-
Drops startup file
-
Executes dropped EXE
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-