General
-
Target
fa08d8b751ba4af68c10105986f454dd.exe
-
Size
3.4MB
-
Sample
240103-sqettaffbr
-
MD5
fa08d8b751ba4af68c10105986f454dd
-
SHA1
6439e89c11809a6257a99bf739ea1be734b1acd1
-
SHA256
9f579041ad06b136aab98ac0a4d06c1b171cbfe22219e047f637498d9eed91dd
-
SHA512
0658cd42435817c8649b6e7835a67d59b258f8dd99a2269ada3b5f4609bd3295cc747030007b8212db7e549ca352137ac7cba2f9aa8498e48f51cf6e9c2fa708
-
SSDEEP
12288:UZWtI6RkoyuVOuyuVOuyuVOuyuVOuyuhrRZOiyuVOuyuVOuyuVOuyuVOuyuhrRZ5:UuhaShhp
Malware Config
Targets
-
-
Target
fa08d8b751ba4af68c10105986f454dd.exe
-
Size
3.4MB
-
MD5
fa08d8b751ba4af68c10105986f454dd
-
SHA1
6439e89c11809a6257a99bf739ea1be734b1acd1
-
SHA256
9f579041ad06b136aab98ac0a4d06c1b171cbfe22219e047f637498d9eed91dd
-
SHA512
0658cd42435817c8649b6e7835a67d59b258f8dd99a2269ada3b5f4609bd3295cc747030007b8212db7e549ca352137ac7cba2f9aa8498e48f51cf6e9c2fa708
-
SSDEEP
12288:UZWtI6RkoyuVOuyuVOuyuVOuyuVOuyuhrRZOiyuVOuyuVOuyuVOuyuVOuyuhrRZ5:UuhaShhp
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-