General
-
Target
3f00feae8e33d7493497d7c86fb7ecc3
-
Size
778KB
-
Sample
231225-11zkzaaah7
-
MD5
3f00feae8e33d7493497d7c86fb7ecc3
-
SHA1
0111c1906faaf0da234c7f36d9926b967510838d
-
SHA256
6dadee4990c701d83dc6f01f331a82016536b7802b9e219186ae3b5bfe0840ff
-
SHA512
bce5ef69c360658472393f764e50eae88e39335154bf413f1b2bda3dc03fcb220d86ebfff186470c04413fe5880f6b11be45a82d9b34943d0432c51b5e59f8f8
-
SSDEEP
12288:UZWtI6Rk4VweZJys73dOvXDpNjNe8LOOVweZJys73dOvXDpNjNe8X:UuhaneZJ8NI8oeZJ8NI8X
Malware Config
Targets
-
-
Target
3f00feae8e33d7493497d7c86fb7ecc3
-
Size
778KB
-
MD5
3f00feae8e33d7493497d7c86fb7ecc3
-
SHA1
0111c1906faaf0da234c7f36d9926b967510838d
-
SHA256
6dadee4990c701d83dc6f01f331a82016536b7802b9e219186ae3b5bfe0840ff
-
SHA512
bce5ef69c360658472393f764e50eae88e39335154bf413f1b2bda3dc03fcb220d86ebfff186470c04413fe5880f6b11be45a82d9b34943d0432c51b5e59f8f8
-
SSDEEP
12288:UZWtI6Rk4VweZJys73dOvXDpNjNe8LOOVweZJys73dOvXDpNjNe8X:UuhaneZJ8NI8oeZJ8NI8X
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-