General
-
Target
1ef2d39d01d82c4d5c9ce090b68cd93d
-
Size
368KB
-
Sample
231225-bdybysfaaq
-
MD5
1ef2d39d01d82c4d5c9ce090b68cd93d
-
SHA1
6ed30cb6928a839fd8f307479b0049a40e261497
-
SHA256
a1e0ff6ada1c95d57b2bdf10bc6013de7d0eb861f38c20ce28a23353170dfb44
-
SHA512
a41b192cdf1216a6ad071d66fcd7d87f18ea455e2619cebc61eca35b2a42cea6f194e0d053595fbfc398f832dafd0b28f6860e0e70b5deffc61010c1a513df3c
-
SSDEEP
3072:USHWiNo/ftfQKAc94/3bXZ3Nk6Rk3mQsmEX8TKz9rtVnmywjg48jE2Ej5RZ00jES:UZfec9EbXDk6Rk8KWnmy+g4IE2EtE2EU
Malware Config
Targets
-
-
Target
1ef2d39d01d82c4d5c9ce090b68cd93d
-
Size
368KB
-
MD5
1ef2d39d01d82c4d5c9ce090b68cd93d
-
SHA1
6ed30cb6928a839fd8f307479b0049a40e261497
-
SHA256
a1e0ff6ada1c95d57b2bdf10bc6013de7d0eb861f38c20ce28a23353170dfb44
-
SHA512
a41b192cdf1216a6ad071d66fcd7d87f18ea455e2619cebc61eca35b2a42cea6f194e0d053595fbfc398f832dafd0b28f6860e0e70b5deffc61010c1a513df3c
-
SSDEEP
3072:USHWiNo/ftfQKAc94/3bXZ3Nk6Rk3mQsmEX8TKz9rtVnmywjg48jE2Ej5RZ00jES:UZfec9EbXDk6Rk8KWnmy+g4IE2EtE2EU
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-