General
-
Target
0cd99967175f9086f48639644ce873a7cb0b0d2dd1fdf66611dd02041d9f04dd
-
Size
1.8MB
-
Sample
221128-c2a21ada7w
-
MD5
9c2acfe7e4f251817bf65f2b2c12c3f4
-
SHA1
aa5acd52bf027a2712a3836d7f47952008cb08fd
-
SHA256
0cd99967175f9086f48639644ce873a7cb0b0d2dd1fdf66611dd02041d9f04dd
-
SHA512
ec3c05e1244f31e8a52ab18ddd24cef916696a98bade106cebc55b95ca62abb34c685399a37f42cedc907bc4fa69517839540ba626db84d4e9c86bc61058e3a4
-
SSDEEP
12288:gODUOGGOB0fOWUOGGOB0fOWUOGGOB0fOWUOGGOB0fOWUOGGOB0ySQut:pIGOAIGOAIGOAIGOAIGO85
Malware Config
Targets
-
-
Target
0cd99967175f9086f48639644ce873a7cb0b0d2dd1fdf66611dd02041d9f04dd
-
Size
1.8MB
-
MD5
9c2acfe7e4f251817bf65f2b2c12c3f4
-
SHA1
aa5acd52bf027a2712a3836d7f47952008cb08fd
-
SHA256
0cd99967175f9086f48639644ce873a7cb0b0d2dd1fdf66611dd02041d9f04dd
-
SHA512
ec3c05e1244f31e8a52ab18ddd24cef916696a98bade106cebc55b95ca62abb34c685399a37f42cedc907bc4fa69517839540ba626db84d4e9c86bc61058e3a4
-
SSDEEP
12288:gODUOGGOB0fOWUOGGOB0fOWUOGGOB0fOWUOGGOB0fOWUOGGOB0ySQut:pIGOAIGOAIGOAIGOAIGO85
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Executes dropped EXE
-
Sets file execution options in registry
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-