General
-
Target
29ba422cc56e641a53775126eb8adaab
-
Size
696KB
-
Sample
231225-s1pf1aagd5
-
MD5
29ba422cc56e641a53775126eb8adaab
-
SHA1
545b68347f0f3a24af2d70a73211687fb3ced825
-
SHA256
87218ab8409540f3638915ec19584ba9dc134e650881335d3704af14bfb2a316
-
SHA512
41af1a41658166d8e02526bf3a28a6b08fbdd569d29d21e463bd8654df6d1413a2a025dd3bd84bcd566a7e5596488cacacaf5f2ab663afe8060221e621788106
-
SSDEEP
6144:UZfec9EbXDk6Rk7KzGFrQZb++tdsHP4+QfI6UVE2EtE2EBE2E4:UZWtI6RkkerQZb+md4w1UAYM4
Malware Config
Targets
-
-
Target
29ba422cc56e641a53775126eb8adaab
-
Size
696KB
-
MD5
29ba422cc56e641a53775126eb8adaab
-
SHA1
545b68347f0f3a24af2d70a73211687fb3ced825
-
SHA256
87218ab8409540f3638915ec19584ba9dc134e650881335d3704af14bfb2a316
-
SHA512
41af1a41658166d8e02526bf3a28a6b08fbdd569d29d21e463bd8654df6d1413a2a025dd3bd84bcd566a7e5596488cacacaf5f2ab663afe8060221e621788106
-
SSDEEP
6144:UZfec9EbXDk6Rk7KzGFrQZb++tdsHP4+QfI6UVE2EtE2EBE2E4:UZWtI6RkkerQZb+md4w1UAYM4
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-