General
-
Target
1134e7f24b906a0b7eab5e5e292a93fa114ef73da03b65e2c5108edb3e18eb20
-
Size
88KB
-
Sample
221124-ajp24aee88
-
MD5
47f2affb06626b3a3b50f33f784da3cc
-
SHA1
a8177113db5f935854485b89307f16310cc67f84
-
SHA256
1134e7f24b906a0b7eab5e5e292a93fa114ef73da03b65e2c5108edb3e18eb20
-
SHA512
4cc9d0823ef3a9e0321cbcaf78f99eb38a19d534c808b53581cd9a108717aedecafb3f64f9fbbba6fd9c40c665af9e6a4caf72db37630e8896cd950ee9e06f31
-
SSDEEP
1536:Ctin9saQu5M2kb+uhKxEPoBsla/iAW7nsjjyyJ5QZj+lYWHyt1t:355MisKx2oBsl5d7nsjH3QhcYWHyvt
Malware Config
Targets
-
-
Target
1134e7f24b906a0b7eab5e5e292a93fa114ef73da03b65e2c5108edb3e18eb20
-
Size
88KB
-
MD5
47f2affb06626b3a3b50f33f784da3cc
-
SHA1
a8177113db5f935854485b89307f16310cc67f84
-
SHA256
1134e7f24b906a0b7eab5e5e292a93fa114ef73da03b65e2c5108edb3e18eb20
-
SHA512
4cc9d0823ef3a9e0321cbcaf78f99eb38a19d534c808b53581cd9a108717aedecafb3f64f9fbbba6fd9c40c665af9e6a4caf72db37630e8896cd950ee9e06f31
-
SSDEEP
1536:Ctin9saQu5M2kb+uhKxEPoBsla/iAW7nsjjyyJ5QZj+lYWHyt1t:355MisKx2oBsl5d7nsjH3QhcYWHyvt
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Suspicious use of SetThreadContext
-