General
-
Target
a33ef4cd65dea8e95fd8644048ba598c69b0527a26354d18806b67161193f4f3
-
Size
653KB
-
Sample
221123-1eq2psfa95
-
MD5
a8c7d61c20b9ba892c3dc22d03564ae0
-
SHA1
4b13d22b56c551ee39728b002aebd795ddba15bb
-
SHA256
a33ef4cd65dea8e95fd8644048ba598c69b0527a26354d18806b67161193f4f3
-
SHA512
67ea10021a63edd2160de7bf8184faf8b20f84d127784a6e5461b23f32261c20393da59efaa8a969b817ba036fd67b1c1989099b676cf6790a9cbf777f17217d
-
SSDEEP
12288:gOJHeZJys73dOvXDpNjNe8SLvrPOJHeZJys73dOvXDpNjNe8SLvrj:vHeZJ8NI8SLD+HeZJ8NI8SLDj
Malware Config
Targets
-
-
Target
a33ef4cd65dea8e95fd8644048ba598c69b0527a26354d18806b67161193f4f3
-
Size
653KB
-
MD5
a8c7d61c20b9ba892c3dc22d03564ae0
-
SHA1
4b13d22b56c551ee39728b002aebd795ddba15bb
-
SHA256
a33ef4cd65dea8e95fd8644048ba598c69b0527a26354d18806b67161193f4f3
-
SHA512
67ea10021a63edd2160de7bf8184faf8b20f84d127784a6e5461b23f32261c20393da59efaa8a969b817ba036fd67b1c1989099b676cf6790a9cbf777f17217d
-
SSDEEP
12288:gOJHeZJys73dOvXDpNjNe8SLvrPOJHeZJys73dOvXDpNjNe8SLvrj:vHeZJ8NI8SLD+HeZJ8NI8SLDj
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Executes dropped EXE
-
Sets file execution options in registry
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-