General
-
Target
b759a6a6d52e540b376146d0cebbb58dab41516004b58909af9d761ed20adc04
-
Size
646KB
-
Sample
221206-ltppvsfb76
-
MD5
10ba40760f898647791450b11662862c
-
SHA1
f04684dce6957ef5ea5a45f77b21b7af643fb321
-
SHA256
b759a6a6d52e540b376146d0cebbb58dab41516004b58909af9d761ed20adc04
-
SHA512
265acafe249b199f67cc7f1ea7f5759c23e84ea50144a707c2d7d56028b522d50a64c3089a5a67cff83a554380af589b6a9fae9261b61885a2787e221a29e69c
-
SSDEEP
12288:2+1a8L1IuTlumEHXYBbFaanqBNakDYxKkN11t93pvqNZsH:b4I5ImOXYpQZ/7DA/d3pvis
Static task
static1
Behavioral task
behavioral1
Sample
b759a6a6d52e540b376146d0cebbb58dab41516004b58909af9d761ed20adc04.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
b759a6a6d52e540b376146d0cebbb58dab41516004b58909af9d761ed20adc04.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
b759a6a6d52e540b376146d0cebbb58dab41516004b58909af9d761ed20adc04
Score
10/10
-
Modifies firewall policy service
-
Adds policy Run key to start application
-
Disables Task Manager via registry modification
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-