General
-
Target
9f7bc8f484fc6ed12daac0e3112443d2c8b26d5f9c0a7e10b3adcc18fe82412d
-
Size
681KB
-
Sample
221127-mqg2aaag98
-
MD5
cec19a7195ac3722be048deee572e6de
-
SHA1
850eb93c4fabd627913a53563f47573d38b3bfa3
-
SHA256
9f7bc8f484fc6ed12daac0e3112443d2c8b26d5f9c0a7e10b3adcc18fe82412d
-
SHA512
a5888ecd6dc560fb23e04251f5cd1bb51666394e31804887d417b1fa5df5fd1df8cb6745f6a471cdbf6817267e870cb176db0584d4d4f08d75c8e6790ddb1495
-
SSDEEP
6144:5uHOFnmy+g4OuHOJnmy+g4ZLhQeNai17Y56rKnBfWhveajzxwIEUo:gOF+OJiLhQeN/7YkrWBfWhvRhQUo
Malware Config
Targets
-
-
Target
9f7bc8f484fc6ed12daac0e3112443d2c8b26d5f9c0a7e10b3adcc18fe82412d
-
Size
681KB
-
MD5
cec19a7195ac3722be048deee572e6de
-
SHA1
850eb93c4fabd627913a53563f47573d38b3bfa3
-
SHA256
9f7bc8f484fc6ed12daac0e3112443d2c8b26d5f9c0a7e10b3adcc18fe82412d
-
SHA512
a5888ecd6dc560fb23e04251f5cd1bb51666394e31804887d417b1fa5df5fd1df8cb6745f6a471cdbf6817267e870cb176db0584d4d4f08d75c8e6790ddb1495
-
SSDEEP
6144:5uHOFnmy+g4OuHOJnmy+g4ZLhQeNai17Y56rKnBfWhveajzxwIEUo:gOF+OJiLhQeN/7YkrWBfWhvRhQUo
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Executes dropped EXE
-
Sets file execution options in registry
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-