General
-
Target
2bbbc5386abea101002bf6ab9a119b17
-
Size
337KB
-
Sample
231231-g83stafbam
-
MD5
2bbbc5386abea101002bf6ab9a119b17
-
SHA1
45178c6afb84def6b56c1b3171183b3e07b0f757
-
SHA256
a1e77811e090783674d5eb3b7d898a947d6515d90ef8b1882735d053d5a79e8c
-
SHA512
4dbf22be71e40e78210400a11f5958e4021a1919d0abf5ad9f0c5457362691f5d56a5fa7717e28bdb1bd600cd4dcefc83502d52612d4a782bb5d5a4d20a12e80
-
SSDEEP
6144:UZfec9EbXDk6Rk8KME2E0rG1VVE+I5E2E4:UZWtI6RkJwuV4
Malware Config
Targets
-
-
Target
2bbbc5386abea101002bf6ab9a119b17
-
Size
337KB
-
MD5
2bbbc5386abea101002bf6ab9a119b17
-
SHA1
45178c6afb84def6b56c1b3171183b3e07b0f757
-
SHA256
a1e77811e090783674d5eb3b7d898a947d6515d90ef8b1882735d053d5a79e8c
-
SHA512
4dbf22be71e40e78210400a11f5958e4021a1919d0abf5ad9f0c5457362691f5d56a5fa7717e28bdb1bd600cd4dcefc83502d52612d4a782bb5d5a4d20a12e80
-
SSDEEP
6144:UZfec9EbXDk6Rk8KME2E0rG1VVE+I5E2E4:UZWtI6RkJwuV4
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-