General
-
Target
4acea700eb4ec4fb9a09f58a58b3d005
-
Size
2.5MB
-
Sample
231226-cb4xdsfba6
-
MD5
4acea700eb4ec4fb9a09f58a58b3d005
-
SHA1
38e568cd9ec6277eb526b3bd0496edfb4b1416db
-
SHA256
082f39d4f5fcb6033c5e9f0487f8c36c8830b307a5a9ea0349407e056323124a
-
SHA512
f1d54ddd1d799f0c876f2cb93d7d89b12cca4b8866831526bddf54113bf637ed29d8d3312e70431602e2a7f8bb5447ca7739d6fba19fee66cc45c301eb62900e
-
SSDEEP
49152:bPerQZbd2f8zerQZbd2f87erQZbd2f8zerQZbd2f8WETNg:SrQZarQZirQZarQZW
Malware Config
Targets
-
-
Target
4acea700eb4ec4fb9a09f58a58b3d005
-
Size
2.5MB
-
MD5
4acea700eb4ec4fb9a09f58a58b3d005
-
SHA1
38e568cd9ec6277eb526b3bd0496edfb4b1416db
-
SHA256
082f39d4f5fcb6033c5e9f0487f8c36c8830b307a5a9ea0349407e056323124a
-
SHA512
f1d54ddd1d799f0c876f2cb93d7d89b12cca4b8866831526bddf54113bf637ed29d8d3312e70431602e2a7f8bb5447ca7739d6fba19fee66cc45c301eb62900e
-
SSDEEP
49152:bPerQZbd2f8zerQZbd2f87erQZbd2f8zerQZbd2f8WETNg:SrQZarQZirQZarQZW
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-