General
-
Target
fb535872bba6dad059ba614ee22b53d3
-
Size
596KB
-
Sample
231228-1xxxzaccfl
-
MD5
fb535872bba6dad059ba614ee22b53d3
-
SHA1
7bb82089ea7e7cea647b05f37215ed93fbfbf71f
-
SHA256
edca7536fe7a5eaad6612c489c7112e05ed05e0a1d13395378847300578c235a
-
SHA512
50d195913cc6f186e393a33e2df1a14430df0719a68db3474885eed79c7a2f0a7d1323c9d31de5b1a8d933aba941f395deb3044a40724c630b7510f06dc23dbd
-
SSDEEP
12288:UZWtI6RkcOPO7OpeZJys73dOvXDpNjNe8r:UuhaXeZJ8NI8r
Malware Config
Targets
-
-
Target
fb535872bba6dad059ba614ee22b53d3
-
Size
596KB
-
MD5
fb535872bba6dad059ba614ee22b53d3
-
SHA1
7bb82089ea7e7cea647b05f37215ed93fbfbf71f
-
SHA256
edca7536fe7a5eaad6612c489c7112e05ed05e0a1d13395378847300578c235a
-
SHA512
50d195913cc6f186e393a33e2df1a14430df0719a68db3474885eed79c7a2f0a7d1323c9d31de5b1a8d933aba941f395deb3044a40724c630b7510f06dc23dbd
-
SSDEEP
12288:UZWtI6RkcOPO7OpeZJys73dOvXDpNjNe8r:UuhaXeZJ8NI8r
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-