General
-
Target
28da8fc362c7d961f45c6e1e1a3f10f4
-
Size
938KB
-
Sample
231225-sq76cshbb4
-
MD5
28da8fc362c7d961f45c6e1e1a3f10f4
-
SHA1
16e2e36f26ed2dcc3a33c145b773e13e62652b8b
-
SHA256
3ec835288ee54e6e280ddaab59573854ee1a2017db6f3ad8b62aa624fab03b61
-
SHA512
846b6bbbbd3f40149bd4d5c64759ae18c98bd7a6b9242cd567ef9c6a5ece335c368682e746604b437f9b630cde89e05bbbe3769bb42253e66f340bcc38e743ae
-
SSDEEP
12288:UZWtI6RkVOB03erQZb+md4w1U4uV6oGeLyeZJys73dOvXDpNjNe8r:UuhaVOaerQZb+md4wmZ6oj2eZJ8NI8r
Malware Config
Targets
-
-
Target
28da8fc362c7d961f45c6e1e1a3f10f4
-
Size
938KB
-
MD5
28da8fc362c7d961f45c6e1e1a3f10f4
-
SHA1
16e2e36f26ed2dcc3a33c145b773e13e62652b8b
-
SHA256
3ec835288ee54e6e280ddaab59573854ee1a2017db6f3ad8b62aa624fab03b61
-
SHA512
846b6bbbbd3f40149bd4d5c64759ae18c98bd7a6b9242cd567ef9c6a5ece335c368682e746604b437f9b630cde89e05bbbe3769bb42253e66f340bcc38e743ae
-
SSDEEP
12288:UZWtI6RkVOB03erQZb+md4w1U4uV6oGeLyeZJys73dOvXDpNjNe8r:UuhaVOaerQZb+md4wmZ6oj2eZJ8NI8r
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-