General
-
Target
30a3f46724417c153d904a912392e64c
-
Size
392KB
-
Sample
231225-vyqx6afcf7
-
MD5
30a3f46724417c153d904a912392e64c
-
SHA1
81d8cd9788d0f3855023bb2c0c621adac587d9ee
-
SHA256
c0363279d579c932eb8eeeae6129a68196e1a0c6873e55472c9be4d94ddf1a9c
-
SHA512
10a789aedf03f12b1d88fcc355db1abbbe21b1637bc1dcbd8f62d08cc16ce1438ed17a9332c2fdbc9a3638eebf9695a3e614688c66ac09e6297e494384fc1b0b
-
SSDEEP
3072:USHWiNo/ftfQKAc94/3bXZ3Nk6Rk3mQsWEX8TKza9+RZ00BdVd2Hayox1aMrpNaD:UZfec9EbXDk6RksKFguHOSh
Malware Config
Targets
-
-
Target
30a3f46724417c153d904a912392e64c
-
Size
392KB
-
MD5
30a3f46724417c153d904a912392e64c
-
SHA1
81d8cd9788d0f3855023bb2c0c621adac587d9ee
-
SHA256
c0363279d579c932eb8eeeae6129a68196e1a0c6873e55472c9be4d94ddf1a9c
-
SHA512
10a789aedf03f12b1d88fcc355db1abbbe21b1637bc1dcbd8f62d08cc16ce1438ed17a9332c2fdbc9a3638eebf9695a3e614688c66ac09e6297e494384fc1b0b
-
SSDEEP
3072:USHWiNo/ftfQKAc94/3bXZ3Nk6Rk3mQsWEX8TKza9+RZ00BdVd2Hayox1aMrpNaD:UZfec9EbXDk6RksKFguHOSh
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-