General
-
Target
4d0f46353cd161dfede3d3db6ea1a03af69e71f8f7c85e3a2d33fab6b36d3993
-
Size
342KB
-
Sample
221124-ntdnpsbd55
-
MD5
e4f2439a84d0667fd4352f92a233b3db
-
SHA1
ec0d0bb2773503517f5f9d94a27e326b84119300
-
SHA256
4d0f46353cd161dfede3d3db6ea1a03af69e71f8f7c85e3a2d33fab6b36d3993
-
SHA512
06a7fc19d0b8c1cb3b6d4ec88534691e7efb947cbf9e1730671ee48f5155b4749a800f42aa304781e74b49227b437b812932c0101b017f00d935f35e185dbc12
-
SSDEEP
6144:5uHOKuHOYE2E2l+lXDZJfLufs73dOk0XDpNjNOpys8r:gOXOf2eZJys73dOvXDpNjNe8r
Malware Config
Targets
-
-
Target
4d0f46353cd161dfede3d3db6ea1a03af69e71f8f7c85e3a2d33fab6b36d3993
-
Size
342KB
-
MD5
e4f2439a84d0667fd4352f92a233b3db
-
SHA1
ec0d0bb2773503517f5f9d94a27e326b84119300
-
SHA256
4d0f46353cd161dfede3d3db6ea1a03af69e71f8f7c85e3a2d33fab6b36d3993
-
SHA512
06a7fc19d0b8c1cb3b6d4ec88534691e7efb947cbf9e1730671ee48f5155b4749a800f42aa304781e74b49227b437b812932c0101b017f00d935f35e185dbc12
-
SSDEEP
6144:5uHOKuHOYE2E2l+lXDZJfLufs73dOk0XDpNjNOpys8r:gOXOf2eZJys73dOvXDpNjNe8r
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Executes dropped EXE
-
Sets file execution options in registry
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-