General
-
Target
0a163a69e7085120c9ef7d865d3d2462.exe
-
Size
3.6MB
-
Sample
240102-tbreqshbdm
-
MD5
0a163a69e7085120c9ef7d865d3d2462
-
SHA1
d83297978835142f26e57e5f2ece187d056270e5
-
SHA256
c00275f7438eda824d527dbd14660e761440dae2e823ce2d1f418c2cae95ab8e
-
SHA512
5b5b4e4be147bd73b2f45c3ee00d679aa2bc41721caf9bb76b31ca7fb7028bc8c5f5cc3487e209807615e74a778747bdfc03f45712e9968c52119be62ebef05f
-
SSDEEP
49152:bferQZbd2f84erQZbd2f84erQZbd2f84erQZbd2f84erQZbd2f8Rw:yrQZBrQZBrQZBrQZBrQZ2
Malware Config
Targets
-
-
Target
0a163a69e7085120c9ef7d865d3d2462.exe
-
Size
3.6MB
-
MD5
0a163a69e7085120c9ef7d865d3d2462
-
SHA1
d83297978835142f26e57e5f2ece187d056270e5
-
SHA256
c00275f7438eda824d527dbd14660e761440dae2e823ce2d1f418c2cae95ab8e
-
SHA512
5b5b4e4be147bd73b2f45c3ee00d679aa2bc41721caf9bb76b31ca7fb7028bc8c5f5cc3487e209807615e74a778747bdfc03f45712e9968c52119be62ebef05f
-
SSDEEP
49152:bferQZbd2f84erQZbd2f84erQZbd2f84erQZbd2f84erQZbd2f8Rw:yrQZBrQZBrQZBrQZBrQZ2
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-