General
-
Target
78fb8ce29f2095dd17168417904f3c5b5f4b70efb8c37283b7452f375599ec8f
-
Size
490KB
-
Sample
221124-p4rtraec99
-
MD5
9ea46a1ba32bd453ba86bd3813b6c067
-
SHA1
435069cb64ecd9b68c1abd5e4f4510ce87a4c6ab
-
SHA256
78fb8ce29f2095dd17168417904f3c5b5f4b70efb8c37283b7452f375599ec8f
-
SHA512
265f64ec80f7a16d63d3ba3377e94ff2a9ce5b93afac70df586c7602949ef08cb561119ca252b2affed99456c0f3e95db10fff31b7f4c2bed4b5079afc0b68d0
-
SSDEEP
12288:gOVeZJys73dOvXDpNjNe8TOB06YeZJys73dOvXDpNjNe8r:feZJ8NI8TOoeZJ8NI8r
Behavioral task
behavioral1
Sample
78fb8ce29f2095dd17168417904f3c5b5f4b70efb8c37283b7452f375599ec8f.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
78fb8ce29f2095dd17168417904f3c5b5f4b70efb8c37283b7452f375599ec8f.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
78fb8ce29f2095dd17168417904f3c5b5f4b70efb8c37283b7452f375599ec8f
-
Score
10/10
-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Executes dropped EXE
-
Sets file execution options in registry
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-