General
-
Target
8fccd67805f49e18ab27a96e0a36f345
-
Size
1.0MB
-
Sample
240204-wmx3rshggp
-
MD5
8fccd67805f49e18ab27a96e0a36f345
-
SHA1
760e8b4e03ff389dc868038bc3fadbc5eda4f0a5
-
SHA256
5d8305f5faac2389fc37ce0c022c0c04bf0e9cd328f43bf75e7ff1127250304c
-
SHA512
128e0b5666948d312e4bae239d1f781fa6d30a14a1b6931f7bd0465b461192e5f17974138c7b7b853713afb2bff9b6e9001fdceb7be868986ba00eefc8c0a3e0
-
SSDEEP
12288:UZWtI6RkCOB0vOB0JunuVws/o6erQZb+md4w1UM:UuhaCOWO0wOberQZb+md4wmM
Malware Config
Targets
-
-
Target
8fccd67805f49e18ab27a96e0a36f345
-
Size
1.0MB
-
MD5
8fccd67805f49e18ab27a96e0a36f345
-
SHA1
760e8b4e03ff389dc868038bc3fadbc5eda4f0a5
-
SHA256
5d8305f5faac2389fc37ce0c022c0c04bf0e9cd328f43bf75e7ff1127250304c
-
SHA512
128e0b5666948d312e4bae239d1f781fa6d30a14a1b6931f7bd0465b461192e5f17974138c7b7b853713afb2bff9b6e9001fdceb7be868986ba00eefc8c0a3e0
-
SSDEEP
12288:UZWtI6RkCOB0vOB0JunuVws/o6erQZb+md4w1UM:UuhaCOWO0wOberQZb+md4wmM
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-