General
-
Target
0562680aadf7883f0dfa6d49b6efb26f68829b6e42e48874cdb603c4ceea2638
-
Size
586KB
-
Sample
250703-gprw7st1cs
-
MD5
5fab38bcb84f31bfc2331f411c685dba
-
SHA1
11270c9cb671d0cc9f0196ccd93870de6e684c5b
-
SHA256
0562680aadf7883f0dfa6d49b6efb26f68829b6e42e48874cdb603c4ceea2638
-
SHA512
18adba182ba176717cdec76fdf001146c55b7b84e0a495384fae37b51a7145a6969a543e759b85f029340447fcb71904bf89533085d784d3be98b8a5a5e74d4b
-
SSDEEP
6144:O82p4pFHfzMepymgWPnviP6Koa0nArn20l96tCF2eKNBDRlC8HQQDhy5OwbYBwMK:Ip4pNfz3ymJnJ8QCFkxCaQTOlOM64ef
Static task
static1
Behavioral task
behavioral1
Sample
0562680aadf7883f0dfa6d49b6efb26f68829b6e42e48874cdb603c4ceea2638.exe
Resource
win10v2004-20250502-en
Behavioral task
behavioral2
Sample
0562680aadf7883f0dfa6d49b6efb26f68829b6e42e48874cdb603c4ceea2638.exe
Resource
win11-20250619-en
Malware Config
Targets
-
Target
0562680aadf7883f0dfa6d49b6efb26f68829b6e42e48874cdb603c4ceea2638
-
Score
10/10
-
Modifies WinLogon for persistence
-
Drops startup file
-
Executes dropped EXE
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-