General
-
Target
16a87e8dd0b0cb8957cb1d1687ccaa60.exe
-
Size
512KB
-
Sample
240102-tefgmshcgp
-
MD5
16a87e8dd0b0cb8957cb1d1687ccaa60
-
SHA1
3752266fcf6420117eed188bbbed466cbbe081d3
-
SHA256
7af058344e2d999238c82be87ee04cc291d6f06c8fd6b202762c58855692ecaa
-
SHA512
5468208a58b56c1e34a0955885d9869ef966232010828c5b9e25d18b890c63f65727a1004ee0f57fdc242ce4f166e00df63996ba2e48c6be7c475dbf24ff9873
-
SSDEEP
6144:1VY0W0sVVZ/dkq5BCoFaJ2i5Lf24C07N5OvSLTUF6pQxI6Upe2cBnTu19bcodj6j:1gDhdkq5BCoC5LfWSLTUQpr2Zu19Qm5M
Malware Config
Targets
-
-
Target
16a87e8dd0b0cb8957cb1d1687ccaa60.exe
-
Size
512KB
-
MD5
16a87e8dd0b0cb8957cb1d1687ccaa60
-
SHA1
3752266fcf6420117eed188bbbed466cbbe081d3
-
SHA256
7af058344e2d999238c82be87ee04cc291d6f06c8fd6b202762c58855692ecaa
-
SHA512
5468208a58b56c1e34a0955885d9869ef966232010828c5b9e25d18b890c63f65727a1004ee0f57fdc242ce4f166e00df63996ba2e48c6be7c475dbf24ff9873
-
SSDEEP
6144:1VY0W0sVVZ/dkq5BCoFaJ2i5Lf24C07N5OvSLTUF6pQxI6Upe2cBnTu19bcodj6j:1gDhdkq5BCoC5LfWSLTUQpr2Zu19Qm5M
Score10/10-
Modifies visibility of file extensions in Explorer
-
Modifies visiblity of hidden/system files in Explorer
-
Windows security bypass
-
Disables RegEdit via registry modification
-
Executes dropped EXE
-
Loads dropped DLL
-
Windows security modification
-
Modifies WinLogon
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Drops file in System32 directory
-