General
-
Target
7ce44a252c2d7ce227044036eea3c1a5
-
Size
2.8MB
-
Sample
231226-t1q59sdaa2
-
MD5
7ce44a252c2d7ce227044036eea3c1a5
-
SHA1
61d646b806e942fedf6e9658f6aecf728e803aea
-
SHA256
b27c91d51bee96429c77774034c158eedee14ee3aab72cf364d6de378f16f138
-
SHA512
4444fede6263586c87043aacf81d09d25286277ddbd90ae3ea311c38b3767debbe79d1872cf8637841f534c8ac139739f1fe147c620d3513e72d967418c77cdf
-
SSDEEP
49152:b4erQZbd2xerQZbd2xerQZbd2xerQZbd2I:NrQZfrQZfrQZfrQZj
Static task
static1
Behavioral task
behavioral1
Sample
7ce44a252c2d7ce227044036eea3c1a5.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
7ce44a252c2d7ce227044036eea3c1a5.exe
Resource
win10v2004-20231222-en
Malware Config
Targets
Score
10/10
-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-