General
-
Target
10d17178096e0b637e15bcdec229c369
-
Size
3.4MB
-
Sample
231225-jylsnahfa7
-
MD5
10d17178096e0b637e15bcdec229c369
-
SHA1
02bf5b9c3fa9e435fe104f5fc8da8de68f566a80
-
SHA256
a7095333802531d23ce2ae1704a2dd36a5fd4854a542bc9814634e402f363f15
-
SHA512
30f0d6cacdf0b7cd5d0abd20d6a831018ba89e6a00b8b7ed30779ea27779292558b7b5ee5192c9344e46d6207b994f14c4b33bf65ca1ef3183fd5e55228de568
-
SSDEEP
49152:bq8DerQZbd238DerQZbd238DerQZbd238DerQZbd2/JerQZbd24:4rQZ6rQZ6rQZ6rQZZrQZ1
Malware Config
Targets
-
-
Target
10d17178096e0b637e15bcdec229c369
-
Size
3.4MB
-
MD5
10d17178096e0b637e15bcdec229c369
-
SHA1
02bf5b9c3fa9e435fe104f5fc8da8de68f566a80
-
SHA256
a7095333802531d23ce2ae1704a2dd36a5fd4854a542bc9814634e402f363f15
-
SHA512
30f0d6cacdf0b7cd5d0abd20d6a831018ba89e6a00b8b7ed30779ea27779292558b7b5ee5192c9344e46d6207b994f14c4b33bf65ca1ef3183fd5e55228de568
-
SSDEEP
49152:bq8DerQZbd238DerQZbd238DerQZbd238DerQZbd2/JerQZbd24:4rQZ6rQZ6rQZ6rQZZrQZ1
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-