General
-
Target
4eca4cb40be4e48e5182ce90d47f7d4c19eff51f1898d2186b01f48c493d469f
-
Size
251KB
-
Sample
221127-v6pp3aae8s
-
MD5
327caad8d9fdc61765b8bf6b9fb4b5e3
-
SHA1
59863bd3f2af28d9adf54f80009177b684b0ccea
-
SHA256
4eca4cb40be4e48e5182ce90d47f7d4c19eff51f1898d2186b01f48c493d469f
-
SHA512
de6ceb0f898a60a9d8277a3e62e642e7d1360c38096652ec6b70d5225367e259c9a0b7bbb79fe88e901bd925bf961c617f8ff654d214df7eaa76a0e953d6d722
-
SSDEEP
3072:TdVd2Hayox1aMOpN9rtVnmywjg48RZ00RZ00jE2Ej5jE2Ej5jE2Ej8:5uHOWnmy+g4oE2EBE2EBE2E4
Malware Config
Targets
-
-
Target
4eca4cb40be4e48e5182ce90d47f7d4c19eff51f1898d2186b01f48c493d469f
-
Size
251KB
-
MD5
327caad8d9fdc61765b8bf6b9fb4b5e3
-
SHA1
59863bd3f2af28d9adf54f80009177b684b0ccea
-
SHA256
4eca4cb40be4e48e5182ce90d47f7d4c19eff51f1898d2186b01f48c493d469f
-
SHA512
de6ceb0f898a60a9d8277a3e62e642e7d1360c38096652ec6b70d5225367e259c9a0b7bbb79fe88e901bd925bf961c617f8ff654d214df7eaa76a0e953d6d722
-
SSDEEP
3072:TdVd2Hayox1aMOpN9rtVnmywjg48RZ00RZ00jE2Ej5jE2Ej5jE2Ej8:5uHOWnmy+g4oE2EBE2EBE2E4
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Executes dropped EXE
-
Sets file execution options in registry
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-