General
-
Target
6a5c70d6b694a396bda2db5352ca84be30a3ec59e5b98d834427432ef91a4dde
-
Size
151KB
-
Sample
221106-nsy81scbdp
-
MD5
0f69cfa0ad9efcf4b495135b179a2cd7
-
SHA1
2a60d47f0878419bc1e8f2d176be7947d62ad2db
-
SHA256
6a5c70d6b694a396bda2db5352ca84be30a3ec59e5b98d834427432ef91a4dde
-
SHA512
c108d1b07e938aad5c55b1a02dd3dea01af112f3eee6be4db5b6d099d7e98dfc1e6f371b02b3e1f76438ab507fda9af9c39db1a53a05cee78792a4ab03f85800
-
SSDEEP
3072:dSSknv7BYJlQXQ8p6g4bV/PkKjzrXP/MOKYuNBZQVFxdoWP2lqn:shCJCpp6gEkKDP/MOKLZQf32A
Malware Config
Targets
-
-
Target
6a5c70d6b694a396bda2db5352ca84be30a3ec59e5b98d834427432ef91a4dde
-
Size
151KB
-
MD5
0f69cfa0ad9efcf4b495135b179a2cd7
-
SHA1
2a60d47f0878419bc1e8f2d176be7947d62ad2db
-
SHA256
6a5c70d6b694a396bda2db5352ca84be30a3ec59e5b98d834427432ef91a4dde
-
SHA512
c108d1b07e938aad5c55b1a02dd3dea01af112f3eee6be4db5b6d099d7e98dfc1e6f371b02b3e1f76438ab507fda9af9c39db1a53a05cee78792a4ab03f85800
-
SSDEEP
3072:dSSknv7BYJlQXQ8p6g4bV/PkKjzrXP/MOKYuNBZQVFxdoWP2lqn:shCJCpp6gEkKDP/MOKLZQf32A
Score10/10-
Modifies visibility of file extensions in Explorer
-
Modifies visiblity of hidden/system files in Explorer
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-