General
-
Target
2c117cab05082964bc9b8a69941ae2f61aa32255e31f4a9ee9e28e6e853c8a81
-
Size
148KB
-
Sample
221124-aw9bhaag4x
-
MD5
037e2811993e89e7ab29f3f6223389be
-
SHA1
8e03ee0e57d2713497ebe05ed3883acb08b3423d
-
SHA256
2c117cab05082964bc9b8a69941ae2f61aa32255e31f4a9ee9e28e6e853c8a81
-
SHA512
971b6bae3308bbb7547c465a5f019e39a27f9e0de6316d62b43d8a736f92afdce7efbb215942a37333d16f9afd3ffb8130610f5a842d7b5a13f16c8a090895b7
-
SSDEEP
3072:g/VNiYFHDPE5DZv2U9PDEiE2KawoZiHtPnyh8AjwPonn8:gNNnFHDPE5IUObc2yh8A/8
Malware Config
Targets
-
-
Target
2c117cab05082964bc9b8a69941ae2f61aa32255e31f4a9ee9e28e6e853c8a81
-
Size
148KB
-
MD5
037e2811993e89e7ab29f3f6223389be
-
SHA1
8e03ee0e57d2713497ebe05ed3883acb08b3423d
-
SHA256
2c117cab05082964bc9b8a69941ae2f61aa32255e31f4a9ee9e28e6e853c8a81
-
SHA512
971b6bae3308bbb7547c465a5f019e39a27f9e0de6316d62b43d8a736f92afdce7efbb215942a37333d16f9afd3ffb8130610f5a842d7b5a13f16c8a090895b7
-
SSDEEP
3072:g/VNiYFHDPE5DZv2U9PDEiE2KawoZiHtPnyh8AjwPonn8:gNNnFHDPE5IUObc2yh8A/8
Score10/10-
Modifies visibility of file extensions in Explorer
-
Modifies visiblity of hidden/system files in Explorer
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-