General
-
Target
adc8b17547a2eee0a06fe957e588f13c3c38fecaea19c420798d7baf5309fccf
-
Size
527KB
-
Sample
221124-pz878shc8y
-
MD5
db43e9c32675bcc1b9af97f16397a164
-
SHA1
311eef0b07b9a29f8563a94e72323c6914037f7d
-
SHA256
adc8b17547a2eee0a06fe957e588f13c3c38fecaea19c420798d7baf5309fccf
-
SHA512
728c1ac9dab24781171e9b12c65446b008fba1042a47d382563dd38a615ef513d9b4ed273b151f51e7b5249ca86cad6f195e2485e0bdd93328a5e7747d7ab818
-
SSDEEP
12288:gOFXeZJys73dOvXDpNjNe8z2eZJys73dOvXDpNjNe8hs/og4:bXeZJ8NI8z2eZJ8NI8hOL4
Malware Config
Targets
-
-
Target
adc8b17547a2eee0a06fe957e588f13c3c38fecaea19c420798d7baf5309fccf
-
Size
527KB
-
MD5
db43e9c32675bcc1b9af97f16397a164
-
SHA1
311eef0b07b9a29f8563a94e72323c6914037f7d
-
SHA256
adc8b17547a2eee0a06fe957e588f13c3c38fecaea19c420798d7baf5309fccf
-
SHA512
728c1ac9dab24781171e9b12c65446b008fba1042a47d382563dd38a615ef513d9b4ed273b151f51e7b5249ca86cad6f195e2485e0bdd93328a5e7747d7ab818
-
SSDEEP
12288:gOFXeZJys73dOvXDpNjNe8z2eZJys73dOvXDpNjNe8hs/og4:bXeZJ8NI8z2eZJ8NI8hOL4
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Executes dropped EXE
-
Sets file execution options in registry
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-