General
-
Target
465b06dccb95b314e631d959bc2ce970
-
Size
2.1MB
-
Sample
231226-arssysfah3
-
MD5
465b06dccb95b314e631d959bc2ce970
-
SHA1
138f4e9308ff55383ee49c1f7c5832b30d7ae602
-
SHA256
4b20f5259c501153ccb0168a7b327e12358483c7d3d66f22bbc729c3f68f11d1
-
SHA512
a527fe3111a1de8c88f8756ef8a3cbc4d1b6e52afa7007d815170e9d059f285994c9eca05c59d35b5715915977b3ce61f9637561896dc04e71372d25558cff13
-
SSDEEP
12288:UZWtI6RkYupOB06UOB0DO6upOB06UOB0DO6upOB06UOB0DO6upOB06UOB0DO6upl:UuhadOkONOkONOkONOkONOkOb0
Malware Config
Targets
-
-
Target
465b06dccb95b314e631d959bc2ce970
-
Size
2.1MB
-
MD5
465b06dccb95b314e631d959bc2ce970
-
SHA1
138f4e9308ff55383ee49c1f7c5832b30d7ae602
-
SHA256
4b20f5259c501153ccb0168a7b327e12358483c7d3d66f22bbc729c3f68f11d1
-
SHA512
a527fe3111a1de8c88f8756ef8a3cbc4d1b6e52afa7007d815170e9d059f285994c9eca05c59d35b5715915977b3ce61f9637561896dc04e71372d25558cff13
-
SSDEEP
12288:UZWtI6RkYupOB06UOB0DO6upOB06UOB0DO6upOB06UOB0DO6upOB06UOB0DO6upl:UuhadOkONOkONOkONOkONOkOb0
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-