General
Target
SecuriteInfo.com.Win32.HLLW.Autoruner1.38636.30902.31421
Size
113KB
Sample
200801-d7svbn1jnn
MD5
605fd6ecbb77d69c381f18a865002edb
SHA1
7d5f8df774d0c28f0165c30369037e2a3584aab6
SHA256
9bd190203a73b19bda71958ad24f3b7cfc2867e5ac6c607444c6e406fb3ab476
SHA512
bae1cb11245d6a5d3d254b72b043107b7e94ea873678a9c2d061125e38ad4f6d24dbffea5c3b15a6e51659a90f104139c9cb2e0863e58aaab45041af34e2598c
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Win32.HLLW.Autoruner1.38636.30902.31421.exe
Resource
win7
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Win32.HLLW.Autoruner1.38636.30902.31421.exe
Resource
win10v200722
Malware Config
Targets
Target
SecuriteInfo.com.Win32.HLLW.Autoruner1.38636.30902.31421
Score
10/10
Modifies WinLogon for persistence
Adds Run key to start application
Drops desktop.ini file(s)
Modifies WinLogon
Suspicious use of SetThreadContext