General
-
Target
04706d42e8ea66fddb45a6742bf918a0
-
Size
1.8MB
-
Sample
231225-encpsafch6
-
MD5
04706d42e8ea66fddb45a6742bf918a0
-
SHA1
1733811726cfd7e83699efbc81375c97d5c6fb20
-
SHA256
450d4cebeb311b9808b880802f5a7797cdd9407359575a91956ca590a74f61e4
-
SHA512
cdf95b9ab306c478954197ccb86726c4aee5f237c83b0d3de68e0dbd0f523e48ff39338e185041274bc2b57f96b17f8eda55aa83f93e65dc11c8d243ed2ab5e1
-
SSDEEP
12288:UZWtI6RkzUOB0/OVUOB0/OVUOB0/OVUOB0/OVUOB0/OVUOB0XMut:UuhaAO4O4O4O4O4OS9
Malware Config
Targets
-
-
Target
04706d42e8ea66fddb45a6742bf918a0
-
Size
1.8MB
-
MD5
04706d42e8ea66fddb45a6742bf918a0
-
SHA1
1733811726cfd7e83699efbc81375c97d5c6fb20
-
SHA256
450d4cebeb311b9808b880802f5a7797cdd9407359575a91956ca590a74f61e4
-
SHA512
cdf95b9ab306c478954197ccb86726c4aee5f237c83b0d3de68e0dbd0f523e48ff39338e185041274bc2b57f96b17f8eda55aa83f93e65dc11c8d243ed2ab5e1
-
SSDEEP
12288:UZWtI6RkzUOB0/OVUOB0/OVUOB0/OVUOB0/OVUOB0/OVUOB0XMut:UuhaAO4O4O4O4O4OS9
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-