General
-
Target
224060ce83ac44499c32380a5b060967
-
Size
642KB
-
Sample
231225-qwnykabedq
-
MD5
224060ce83ac44499c32380a5b060967
-
SHA1
6b7e98e8328b4ac25a11778a5ebc3d9a36a5c42b
-
SHA256
27af21150b2154ddc4ed6f40cdae5b9da8edd292bab0e3750ef19549316455ce
-
SHA512
9f6ccbc585190d062b67a535e2486d584edfce7db2db52bdb524ede00a626f7b8010ea4f694fae7278102343144d165c7151efbaeb4c511d4268a7bd0e507d6d
-
SSDEEP
12288:+jkArEN249AyE/rbaMct4bO2/VFYG7XcELoj5i4/7f0aa+Zl4sYkyxjqd0rIfyfO:5FE//Tct4bOsTYGoEQ5i4/b/a+Zl4sY2
Malware Config
Targets
-
-
Target
224060ce83ac44499c32380a5b060967
-
Size
642KB
-
MD5
224060ce83ac44499c32380a5b060967
-
SHA1
6b7e98e8328b4ac25a11778a5ebc3d9a36a5c42b
-
SHA256
27af21150b2154ddc4ed6f40cdae5b9da8edd292bab0e3750ef19549316455ce
-
SHA512
9f6ccbc585190d062b67a535e2486d584edfce7db2db52bdb524ede00a626f7b8010ea4f694fae7278102343144d165c7151efbaeb4c511d4268a7bd0e507d6d
-
SSDEEP
12288:+jkArEN249AyE/rbaMct4bO2/VFYG7XcELoj5i4/7f0aa+Zl4sYkyxjqd0rIfyfO:5FE//Tct4bOsTYGoEQ5i4/b/a+Zl4sY2
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Drops file in System32 directory
-