General
-
Target
bf8e718bd3f9e00ef63b300e5819fb2b5ad45c9170cb123def003aa8f249cb4c
-
Size
114KB
-
Sample
221203-2xwwcagh41
-
MD5
0c00fa6f6cce964e1c4d901d433c238a
-
SHA1
609b879b9c1fa42ded466021171cb3c02057724d
-
SHA256
bf8e718bd3f9e00ef63b300e5819fb2b5ad45c9170cb123def003aa8f249cb4c
-
SHA512
16eb2f4311fbee1a32fa9fd9bb8f9727b6c8e1be22b074c63bc2aca23d3c273a9205faae01122806684f90c14856461a0d6a8a7065fb5e7d9c866edb70d9ba72
-
SSDEEP
3072:/y3xG9uGQVwuWmWg9+P3to8VGIoInBGbLMHMb9/x1R:KhG9uGju9tcPdzSIAnF9JH
Static task
static1
Behavioral task
behavioral1
Sample
bf8e718bd3f9e00ef63b300e5819fb2b5ad45c9170cb123def003aa8f249cb4c.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
bf8e718bd3f9e00ef63b300e5819fb2b5ad45c9170cb123def003aa8f249cb4c.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
bf8e718bd3f9e00ef63b300e5819fb2b5ad45c9170cb123def003aa8f249cb4c
-
Score
10/10
-
Modifies firewall policy service
-
Adds policy Run key to start application
-
Sets service image path in registry
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-