General
-
Target
2dd86d5000b6fc645a6314dcd2fd704bde3110dc568d4f6acc629883254e3ede
-
Size
197KB
-
Sample
221011-zws2ysedfl
-
MD5
62b36923e2db10c0cde680ac74b51030
-
SHA1
77fa1d6b6a8ae129bfa32af646f017434291ad12
-
SHA256
2dd86d5000b6fc645a6314dcd2fd704bde3110dc568d4f6acc629883254e3ede
-
SHA512
65471c94f075fc25b5c000555f29c2eb37649fbc8bb5cbd66fd5c24aad27c6cbe0f8a35769c1d3e89aae03c1897e2ba9ede5576c9958008e486c4bf32ebe3d78
-
SSDEEP
6144:zy2l2q/H4hYOgIPZk1VzplLlk/kk5+4tR:z92GH0wplk7tR
Malware Config
Targets
-
-
Target
2dd86d5000b6fc645a6314dcd2fd704bde3110dc568d4f6acc629883254e3ede
-
Size
197KB
-
MD5
62b36923e2db10c0cde680ac74b51030
-
SHA1
77fa1d6b6a8ae129bfa32af646f017434291ad12
-
SHA256
2dd86d5000b6fc645a6314dcd2fd704bde3110dc568d4f6acc629883254e3ede
-
SHA512
65471c94f075fc25b5c000555f29c2eb37649fbc8bb5cbd66fd5c24aad27c6cbe0f8a35769c1d3e89aae03c1897e2ba9ede5576c9958008e486c4bf32ebe3d78
-
SSDEEP
6144:zy2l2q/H4hYOgIPZk1VzplLlk/kk5+4tR:z92GH0wplk7tR
Score10/10-
Modifies visibility of file extensions in Explorer
-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-