General
-
Target
f432f203fdb33432a7240950f8b21df0b03584fe950b505d19dda6b8397574f4
-
Size
593KB
-
Sample
221123-xx91ragc97
-
MD5
57faa66dd268a9c82ccde7cf4fd0d739
-
SHA1
acc62e9849ceb79e1b9705275c0ec2f5ebf4e0cc
-
SHA256
f432f203fdb33432a7240950f8b21df0b03584fe950b505d19dda6b8397574f4
-
SHA512
9f22ed852f960c0f3c73aeb9af5c8a4e6b1cfd348f48d476be7f2d8e56e243a53d62e71545e74ddf35a29c1229ecd8e5c119acd5db2690c133a5825ba7f2f833
-
SSDEEP
12288:oeDcZrI3eOYKX6eibMTQrvukiU3QfyMYbpI7aTPp:oeP34KObsQKkiU3Gy7xB
Static task
static1
Behavioral task
behavioral1
Sample
f432f203fdb33432a7240950f8b21df0b03584fe950b505d19dda6b8397574f4.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
f432f203fdb33432a7240950f8b21df0b03584fe950b505d19dda6b8397574f4.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
f432f203fdb33432a7240950f8b21df0b03584fe950b505d19dda6b8397574f4
Score
10/10
-
Modifies visibility of file extensions in Explorer
-
Modifies visibility of hidden/system files in Explorer
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-