General
-
Target
662872db0104fed3498156f98cac4a8ca8035a66b3def61bf8333e70508fc6e2
-
Size
1.2MB
-
Sample
221123-xcpjbaef27
-
MD5
26e985793993eb9d43a48fde7edbb98f
-
SHA1
ad0c79f8d6a2d36bca7b44cc8172625fc1bbdd6d
-
SHA256
662872db0104fed3498156f98cac4a8ca8035a66b3def61bf8333e70508fc6e2
-
SHA512
3bd21359d81bd7d2b1148c4191fce359dc72ba620a2abbfc0f5f87c8ebb26094928657a0936b9e4de746a1ffd73394455328eb40b539dd2f577a60b9b5f6ed86
-
SSDEEP
24576:3uhaterQZb+md4wmXeZJ8NI8DerQZb+md4wmA7p:YAerQZbd288DerQZbd2up
Malware Config
Targets
-
-
Target
662872db0104fed3498156f98cac4a8ca8035a66b3def61bf8333e70508fc6e2
-
Size
1.2MB
-
MD5
26e985793993eb9d43a48fde7edbb98f
-
SHA1
ad0c79f8d6a2d36bca7b44cc8172625fc1bbdd6d
-
SHA256
662872db0104fed3498156f98cac4a8ca8035a66b3def61bf8333e70508fc6e2
-
SHA512
3bd21359d81bd7d2b1148c4191fce359dc72ba620a2abbfc0f5f87c8ebb26094928657a0936b9e4de746a1ffd73394455328eb40b539dd2f577a60b9b5f6ed86
-
SSDEEP
24576:3uhaterQZb+md4wmXeZJ8NI8DerQZb+md4wmA7p:YAerQZbd288DerQZbd2up
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Executes dropped EXE
-
Sets file execution options in registry
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-