General
-
Target
78e32423c9f490803169f62bcbf18f31
-
Size
877KB
-
Sample
240127-bkxzrsabc8
-
MD5
78e32423c9f490803169f62bcbf18f31
-
SHA1
e59d9aeec2a360a3a2714776ed5dfad3b312cfbb
-
SHA256
c1b1323e97ccbd19424a7c9528137b595af2c20c8e523cf906730c272c84ba02
-
SHA512
2f668fcf6d188520f9cb590f6876dcc4f085505d974c461b4782de98b1e790b06bd42a158a89a52963590964bd98cf62e1d36ef140a57cd713a5002cbd70af45
-
SSDEEP
12288:UZWtI6RkbuxerQZb+md4w1UAMMSa4QpIys7bA:UuhaWerQZb+md4wmAMMShQpObA
Malware Config
Targets
-
-
Target
78e32423c9f490803169f62bcbf18f31
-
Size
877KB
-
MD5
78e32423c9f490803169f62bcbf18f31
-
SHA1
e59d9aeec2a360a3a2714776ed5dfad3b312cfbb
-
SHA256
c1b1323e97ccbd19424a7c9528137b595af2c20c8e523cf906730c272c84ba02
-
SHA512
2f668fcf6d188520f9cb590f6876dcc4f085505d974c461b4782de98b1e790b06bd42a158a89a52963590964bd98cf62e1d36ef140a57cd713a5002cbd70af45
-
SSDEEP
12288:UZWtI6RkbuxerQZb+md4w1UAMMSa4QpIys7bA:UuhaWerQZb+md4wmAMMShQpObA
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-