General
-
Target
f8eded8914135088265ae1d9a556c59bb6d767f65ce2dd4daf62e9415d3e8143
-
Size
2.1MB
-
Sample
221127-tr41rsef7x
-
MD5
95a8bd17019faa713057168b69f752f5
-
SHA1
3cc303063fdf781692e9136a882f0f211253ed3e
-
SHA256
f8eded8914135088265ae1d9a556c59bb6d767f65ce2dd4daf62e9415d3e8143
-
SHA512
752aea7cb024869bfa0bd5148d052a60f3bb5e6de8798b2d5f64a1fc276d1524c2f84ad7cf664a416ebfcc76e4753f99d489a94aee9ca3f2f323ba530674f138
-
SSDEEP
24576:bXOieZJ8NI89XOieZJ8NI89XOieZJ8NI89XOieZJ8NI89XOieZJ8NI8c:by89y89y89y89y8c
Behavioral task
behavioral1
Sample
f8eded8914135088265ae1d9a556c59bb6d767f65ce2dd4daf62e9415d3e8143.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
f8eded8914135088265ae1d9a556c59bb6d767f65ce2dd4daf62e9415d3e8143.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
Target
f8eded8914135088265ae1d9a556c59bb6d767f65ce2dd4daf62e9415d3e8143
-
Score
10/10
-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Executes dropped EXE
-
Sets file execution options in registry
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-