General
-
Target
a7ef1f6cf11c9e7d7012a478cfc9713a.exe
-
Size
862KB
-
Sample
240107-yhkyrachhp
-
MD5
a7ef1f6cf11c9e7d7012a478cfc9713a
-
SHA1
a2fa829b99a1f4850ba45ba5f5148640063c1e78
-
SHA256
2cfded7d384d568ff83516b3ca01a463f5164184c6cdcd50ced52b87d796d54a
-
SHA512
1399d82a9160ed53359c70b37c0369d3c3072ee07a2c8186fee12ae96aab4a8affee0ec1340c1932db946d71f525f5e752c7faa1da20a90262bf6d15a415b96c
-
SSDEEP
12288:UZWtI6Rk7NerQZb+md4w1U4ureZJys73dOvXDpNjNe81a4O2:Uuha7NerQZb+md4wmXeZJ8NI81hV
Malware Config
Targets
-
-
Target
a7ef1f6cf11c9e7d7012a478cfc9713a.exe
-
Size
862KB
-
MD5
a7ef1f6cf11c9e7d7012a478cfc9713a
-
SHA1
a2fa829b99a1f4850ba45ba5f5148640063c1e78
-
SHA256
2cfded7d384d568ff83516b3ca01a463f5164184c6cdcd50ced52b87d796d54a
-
SHA512
1399d82a9160ed53359c70b37c0369d3c3072ee07a2c8186fee12ae96aab4a8affee0ec1340c1932db946d71f525f5e752c7faa1da20a90262bf6d15a415b96c
-
SSDEEP
12288:UZWtI6Rk7NerQZb+md4w1U4ureZJys73dOvXDpNjNe81a4O2:Uuha7NerQZb+md4wmXeZJ8NI81hV
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-