General
-
Target
19037fcea34b8f650bee17389f2421fc8eb6bf3cc6a741fd04825867fd05f5ba
-
Size
621KB
-
Sample
221128-c2afgaha73
-
MD5
f8067be170998f884ee8c9fc4309be75
-
SHA1
b2abb202c1c8ff8cc4115a33524b839f29cd4e38
-
SHA256
19037fcea34b8f650bee17389f2421fc8eb6bf3cc6a741fd04825867fd05f5ba
-
SHA512
a4d0b0ea6dbed6953e37e588f96dce6f5f2eafa26c2931f57733b1d316e44ad28ba26efdee5dfdced8bc6582d7bd7e0a1de9b8196c7fc1582307f446d974e3b3
-
SSDEEP
12288:gOVeZJys73dOvXDpNjNe8NeZJys73dOvXDpNjNe8TOB06YeZJys73dOvXDpNjNeC:feZJ8NI8NeZJ8NI8TOoeZJ8NI8r
Malware Config
Targets
-
-
Target
19037fcea34b8f650bee17389f2421fc8eb6bf3cc6a741fd04825867fd05f5ba
-
Size
621KB
-
MD5
f8067be170998f884ee8c9fc4309be75
-
SHA1
b2abb202c1c8ff8cc4115a33524b839f29cd4e38
-
SHA256
19037fcea34b8f650bee17389f2421fc8eb6bf3cc6a741fd04825867fd05f5ba
-
SHA512
a4d0b0ea6dbed6953e37e588f96dce6f5f2eafa26c2931f57733b1d316e44ad28ba26efdee5dfdced8bc6582d7bd7e0a1de9b8196c7fc1582307f446d974e3b3
-
SSDEEP
12288:gOVeZJys73dOvXDpNjNe8NeZJys73dOvXDpNjNe8TOB06YeZJys73dOvXDpNjNeC:feZJ8NI8NeZJ8NI8TOoeZJ8NI8r
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Executes dropped EXE
-
Sets file execution options in registry
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-