General
-
Target
a0eb9de6f96b5f004c0abafa975ac8513aeb309db85761e64cf8ad15178fbb98
-
Size
1.2MB
-
Sample
221127-c622aagh81
-
MD5
ecd910bedce0a0719686bb04112fb851
-
SHA1
be6ff6ca2164541e2d9f13a78eae7758b3628544
-
SHA256
a0eb9de6f96b5f004c0abafa975ac8513aeb309db85761e64cf8ad15178fbb98
-
SHA512
27cd23873d8b8f80561f28b3ba1d804274067a8899f96eedb31047847297a748393b107e686e051d25a3a9e153fad5ec5aeb0b91ae2b1a699fdf3f3fd27a6f3d
-
SSDEEP
12288:gORerQZb+md4w1U4uVwO9erQZb+md4w1U4uVj8pIys7bA:/erQZb+md4wmZnerQZb+md4wmZj8pObA
Malware Config
Targets
-
-
Target
a0eb9de6f96b5f004c0abafa975ac8513aeb309db85761e64cf8ad15178fbb98
-
Size
1.2MB
-
MD5
ecd910bedce0a0719686bb04112fb851
-
SHA1
be6ff6ca2164541e2d9f13a78eae7758b3628544
-
SHA256
a0eb9de6f96b5f004c0abafa975ac8513aeb309db85761e64cf8ad15178fbb98
-
SHA512
27cd23873d8b8f80561f28b3ba1d804274067a8899f96eedb31047847297a748393b107e686e051d25a3a9e153fad5ec5aeb0b91ae2b1a699fdf3f3fd27a6f3d
-
SSDEEP
12288:gORerQZb+md4w1U4uVwO9erQZb+md4w1U4uVj8pIys7bA:/erQZb+md4wmZnerQZb+md4wmZj8pObA
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Executes dropped EXE
-
Sets file execution options in registry
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-