General
-
Target
dfe31e64464595cefc7915a5dfbe700b434f3ecccf8033f913d0d87029efec08
-
Size
224KB
-
Sample
221206-af2lqadd7v
-
MD5
97d9b62252924a65c4c0c3e956737b27
-
SHA1
033f602685338f18ae21d3d92450ba2c2251f274
-
SHA256
dfe31e64464595cefc7915a5dfbe700b434f3ecccf8033f913d0d87029efec08
-
SHA512
3a5b0cda3a873e28b6959eab68c2b55e0a3d83ebcad3b24b45d4c60fbbdd73b31c4a4cbb91be0b8eec53e458161c7003ad271131d2f71f576c1c0af584243ff3
-
SSDEEP
3072:YtkEoAWF4ZCD4OnYQqD84uiZSDMKdoWAx0NFZCSgMd3u43mb9gBBTsi:YtkEoAM4iYQqA4uoWJ8SgMd3u43mZg9
Malware Config
Targets
-
-
Target
dfe31e64464595cefc7915a5dfbe700b434f3ecccf8033f913d0d87029efec08
-
Size
224KB
-
MD5
97d9b62252924a65c4c0c3e956737b27
-
SHA1
033f602685338f18ae21d3d92450ba2c2251f274
-
SHA256
dfe31e64464595cefc7915a5dfbe700b434f3ecccf8033f913d0d87029efec08
-
SHA512
3a5b0cda3a873e28b6959eab68c2b55e0a3d83ebcad3b24b45d4c60fbbdd73b31c4a4cbb91be0b8eec53e458161c7003ad271131d2f71f576c1c0af584243ff3
-
SSDEEP
3072:YtkEoAWF4ZCD4OnYQqD84uiZSDMKdoWAx0NFZCSgMd3u43mb9gBBTsi:YtkEoAM4iYQqA4uoWJ8SgMd3u43mZg9
Score10/10-
Modifies visibility of file extensions in Explorer
-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-