General
-
Target
4651a71a696a97c5c0780e68c54053a4
-
Size
2.5MB
-
Sample
240106-qgh4rshadr
-
MD5
4651a71a696a97c5c0780e68c54053a4
-
SHA1
160a058e0b53da8739ef25bb760850c150df571c
-
SHA256
8a39213cf54bbace5e3cd005ecf2cc3347724245911a46e4739d1fcedefd4012
-
SHA512
f02ed2a85043c2f0bd64beeac55775be50c4296b7b515fd5a3a1f6a1db8a6322ef01b7b407db46100a0831f59dcbf3173ed0aba18b93de9d44708df1e8883121
-
SSDEEP
12288:UZWtI6RkzUOB0vOB0Ju9OZUOB0vOB0Ju9OZUOB0vOB0Ju9OZUOB0vOB0Ju9OZUOb:UuhaAOWO/OWO/OWO/OWO/OWO/OWODOb
Malware Config
Targets
-
-
Target
4651a71a696a97c5c0780e68c54053a4
-
Size
2.5MB
-
MD5
4651a71a696a97c5c0780e68c54053a4
-
SHA1
160a058e0b53da8739ef25bb760850c150df571c
-
SHA256
8a39213cf54bbace5e3cd005ecf2cc3347724245911a46e4739d1fcedefd4012
-
SHA512
f02ed2a85043c2f0bd64beeac55775be50c4296b7b515fd5a3a1f6a1db8a6322ef01b7b407db46100a0831f59dcbf3173ed0aba18b93de9d44708df1e8883121
-
SSDEEP
12288:UZWtI6RkzUOB0vOB0Ju9OZUOB0vOB0Ju9OZUOB0vOB0Ju9OZUOB0vOB0Ju9OZUOb:UuhaAOWO/OWO/OWO/OWO/OWO/OWODOb
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-