General
-
Target
5c15d5048d1f18eecc78742c2b8786482a2119422d5d87f29b1841d8c54af423
-
Size
217KB
-
Sample
221124-awzgasfe35
-
MD5
0716ae1087b6a82abe870cfff1c03150
-
SHA1
2111d48c0442fdd6f2bdeda6168d5bd595364883
-
SHA256
5c15d5048d1f18eecc78742c2b8786482a2119422d5d87f29b1841d8c54af423
-
SHA512
463a4a5a641fc9da83afb3003db02e8b4d241b40b931e1caae26fba9f7c14b517103912c750f9554adc6ba578600cf049763cc39aa3dc287bfe9285629aee951
-
SSDEEP
3072:qkV6Cc49R/dMMMMMM2MMMMMZ1yQYCg4LJRI8VWgkHjK:qk8CRRVMMMMMM2MMMMM7RIvgkHjK
Malware Config
Targets
-
-
Target
5c15d5048d1f18eecc78742c2b8786482a2119422d5d87f29b1841d8c54af423
-
Size
217KB
-
MD5
0716ae1087b6a82abe870cfff1c03150
-
SHA1
2111d48c0442fdd6f2bdeda6168d5bd595364883
-
SHA256
5c15d5048d1f18eecc78742c2b8786482a2119422d5d87f29b1841d8c54af423
-
SHA512
463a4a5a641fc9da83afb3003db02e8b4d241b40b931e1caae26fba9f7c14b517103912c750f9554adc6ba578600cf049763cc39aa3dc287bfe9285629aee951
-
SSDEEP
3072:qkV6Cc49R/dMMMMMM2MMMMMZ1yQYCg4LJRI8VWgkHjK:qk8CRRVMMMMMM2MMMMM7RIvgkHjK
Score10/10-
Modifies visibility of file extensions in Explorer
-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-