General
-
Target
811fdcf364b471b858e14bc33ba06147c4d58fea5b6303a3af1239fdc326af8c
-
Size
944KB
-
Sample
221124-awvhcaag2x
-
MD5
16c7bc2c5b912218d6952f20cdae1563
-
SHA1
78f8b0e251a7eb1a5d11e69995f5c08543e55056
-
SHA256
811fdcf364b471b858e14bc33ba06147c4d58fea5b6303a3af1239fdc326af8c
-
SHA512
3d9a7a702f18fcc2c942ae8c0548f73531715de56458c25b024f775d22975246c43c7ab0df9a00d94fd352d8fa75e85e7c2fffd256440ab7604879d195b0acc2
-
SSDEEP
24576:Oz+crnq6qhjDo0t52nEYy6lsoJWSX394W2nwU3ybbVvJ5MMeAAsV8q3X:AtWjDo0t52nEYy6lsoJWSX394W2nwU3I
Static task
static1
Behavioral task
behavioral1
Sample
811fdcf364b471b858e14bc33ba06147c4d58fea5b6303a3af1239fdc326af8c.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
811fdcf364b471b858e14bc33ba06147c4d58fea5b6303a3af1239fdc326af8c.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
811fdcf364b471b858e14bc33ba06147c4d58fea5b6303a3af1239fdc326af8c
-
Size
944KB
-
MD5
16c7bc2c5b912218d6952f20cdae1563
-
SHA1
78f8b0e251a7eb1a5d11e69995f5c08543e55056
-
SHA256
811fdcf364b471b858e14bc33ba06147c4d58fea5b6303a3af1239fdc326af8c
-
SHA512
3d9a7a702f18fcc2c942ae8c0548f73531715de56458c25b024f775d22975246c43c7ab0df9a00d94fd352d8fa75e85e7c2fffd256440ab7604879d195b0acc2
-
SSDEEP
24576:Oz+crnq6qhjDo0t52nEYy6lsoJWSX394W2nwU3ybbVvJ5MMeAAsV8q3X:AtWjDo0t52nEYy6lsoJWSX394W2nwU3I
Score10/10-
Modifies visibility of file extensions in Explorer
-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-