General
-
Target
e8dc6d242114e2e102cf43cf88ee68d5.exe
-
Size
651KB
-
Sample
240109-xc7pwsgahm
-
MD5
e8dc6d242114e2e102cf43cf88ee68d5
-
SHA1
917dd87bacfee9fdb6dd74d83600f74c611a8c33
-
SHA256
8bc802b53ac47bf2f96322a53b460f67517de3a71b45de86f3cdcc0a16f9d661
-
SHA512
40d4006c8dff4503cd4dabd3a68a2a4a1af70b40202992710592547cea630aaaa675f4996f39facd8b7b5ba27825a02a52f49c1a31ce02a1dc3b7a67081dc71c
-
SSDEEP
12288:UZWtI6RkeeZJys73dOvXDpNjNe8NeZJys73dOvXDpNjNe8msTyWkD:UuhaeeZJ8NI8NeZJ8NI8Jz+
Malware Config
Targets
-
-
Target
e8dc6d242114e2e102cf43cf88ee68d5.exe
-
Size
651KB
-
MD5
e8dc6d242114e2e102cf43cf88ee68d5
-
SHA1
917dd87bacfee9fdb6dd74d83600f74c611a8c33
-
SHA256
8bc802b53ac47bf2f96322a53b460f67517de3a71b45de86f3cdcc0a16f9d661
-
SHA512
40d4006c8dff4503cd4dabd3a68a2a4a1af70b40202992710592547cea630aaaa675f4996f39facd8b7b5ba27825a02a52f49c1a31ce02a1dc3b7a67081dc71c
-
SSDEEP
12288:UZWtI6RkeeZJys73dOvXDpNjNe8NeZJys73dOvXDpNjNe8msTyWkD:UuhaeeZJ8NI8NeZJ8NI8Jz+
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-