General
-
Target
e010659afc7dda13f06f522445b24539f8ea98e2ccc1c1d7c592480cd08a6256
-
Size
234KB
-
Sample
221123-3zq9badf68
-
MD5
2c67c69ac744114ba6720e821d658a40
-
SHA1
af785bdbf214e16bb888a77f3748722672a8f58c
-
SHA256
e010659afc7dda13f06f522445b24539f8ea98e2ccc1c1d7c592480cd08a6256
-
SHA512
7eb29d28e64f5ec946145aa93bed44b3b15a910a22330ef54dcb39b7eeecf27b131c3928ef6a4b416c33434d6cbcd099efdefe29b5ffc95cfa1ffa75ed31470c
-
SSDEEP
3072:H7ujS5THVfzI4Q4RXSGi0nYTLpRUr94R1R1oiiFF+ZObMzqdBIBBAr:NTpzRXvYROk2iiIObMzqqK
Malware Config
Targets
-
-
Target
e010659afc7dda13f06f522445b24539f8ea98e2ccc1c1d7c592480cd08a6256
-
Size
234KB
-
MD5
2c67c69ac744114ba6720e821d658a40
-
SHA1
af785bdbf214e16bb888a77f3748722672a8f58c
-
SHA256
e010659afc7dda13f06f522445b24539f8ea98e2ccc1c1d7c592480cd08a6256
-
SHA512
7eb29d28e64f5ec946145aa93bed44b3b15a910a22330ef54dcb39b7eeecf27b131c3928ef6a4b416c33434d6cbcd099efdefe29b5ffc95cfa1ffa75ed31470c
-
SSDEEP
3072:H7ujS5THVfzI4Q4RXSGi0nYTLpRUr94R1R1oiiFF+ZObMzqdBIBBAr:NTpzRXvYROk2iiIObMzqqK
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-