General
-
Target
53ee1582c84b70371a35ff0850521050db0127391218ade6e398c4c72c4ad875
-
Size
96KB
-
Sample
221203-fqywgabc9x
-
MD5
25485b5c193c4445302ca3a951f6e1d0
-
SHA1
1922e83e558a2200a98b1779d0776370d3a14f45
-
SHA256
53ee1582c84b70371a35ff0850521050db0127391218ade6e398c4c72c4ad875
-
SHA512
f86fef76bdedc835e4a1173b3aa3f97265750f856d39806d110c4076627514ecf4a3793cce036fadb7b3e9134933443cb304b932898deaee3359ae09e6f98b84
-
SSDEEP
1536:8V6/l1TwNq9tAna04OLQ+0DAjS9vnvCFTXob1Uai3LWyvojQKAdTspU:n/Hgq9UjS9vKFzCihLWywjQKA9OU
Malware Config
Targets
-
-
Target
53ee1582c84b70371a35ff0850521050db0127391218ade6e398c4c72c4ad875
-
Size
96KB
-
MD5
25485b5c193c4445302ca3a951f6e1d0
-
SHA1
1922e83e558a2200a98b1779d0776370d3a14f45
-
SHA256
53ee1582c84b70371a35ff0850521050db0127391218ade6e398c4c72c4ad875
-
SHA512
f86fef76bdedc835e4a1173b3aa3f97265750f856d39806d110c4076627514ecf4a3793cce036fadb7b3e9134933443cb304b932898deaee3359ae09e6f98b84
-
SSDEEP
1536:8V6/l1TwNq9tAna04OLQ+0DAjS9vnvCFTXob1Uai3LWyvojQKAdTspU:n/Hgq9UjS9vKFzCihLWywjQKA9OU
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Suspicious use of SetThreadContext
-