General
-
Target
a91d6d39389eb6374d3ef4384b496894b1e277bb4175d85b500d31366ac42ffd
-
Size
429KB
-
Sample
221123-1ek6fsfa85
-
MD5
24429ba7391dfb9ef44dba198357a27c
-
SHA1
0043b89fe2f1ac36f2ac46d9bc23e450d389d041
-
SHA256
a91d6d39389eb6374d3ef4384b496894b1e277bb4175d85b500d31366ac42ffd
-
SHA512
4c653019173f45215b32ccc44a547d9c0eef01eeb3e4b0c276989381c0a8f961694d23eddf341bbf20c91fae8b519eb82101496162b697909d4495ec2cb071b9
-
SSDEEP
6144:5uHONl+lXDZJfLufs73dOk0XDpNjNOpys85rG1VVE+Ih/UOPSe570Szp3irG1VVY:gONeZJys73dOvXDpNjNe8NupOB0JuIqa
Behavioral task
behavioral1
Sample
a91d6d39389eb6374d3ef4384b496894b1e277bb4175d85b500d31366ac42ffd.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
a91d6d39389eb6374d3ef4384b496894b1e277bb4175d85b500d31366ac42ffd.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
Target
a91d6d39389eb6374d3ef4384b496894b1e277bb4175d85b500d31366ac42ffd
-
Score
10/10
-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Executes dropped EXE
-
Sets file execution options in registry
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-