General
-
Target
8c58dad1dcda0c9980fb08c16883607a
-
Size
2.9MB
-
Sample
240203-pv9cfabfdq
-
MD5
8c58dad1dcda0c9980fb08c16883607a
-
SHA1
cefa48929ac647e2e22a509476df35774d268d82
-
SHA256
409019a79072888328550cc79f4205c2c455ccb02661da73eb55e19d5ec6d531
-
SHA512
b7a47b35f4777f0f3978bff053a57a200717475365e181020a51d2b2fc2ef7d5fc9a56f06fd354b3d2f490f25fe3ce1841257f2bf4051f78b9079cbcd064f255
-
SSDEEP
49152:bIerQZbd2terQZbd2terQZbd2terQZbd2terQZbd2T5:VrQZ7rQZ7rQZ7rQZ7rQZg
Static task
static1
Behavioral task
behavioral1
Sample
8c58dad1dcda0c9980fb08c16883607a.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
8c58dad1dcda0c9980fb08c16883607a.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
8c58dad1dcda0c9980fb08c16883607a
Score 10/10
-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-