General
-
Target
9acb84158449044de74f717893bb370e
-
Size
501KB
-
Sample
240214-ffz1sahd9s
-
MD5
9acb84158449044de74f717893bb370e
-
SHA1
408c94f178b7aaec77386f2cea3466381a849fc1
-
SHA256
645ffb78778e3ded533937e6e8e05d04ac8af82541481350244655c27212dd06
-
SHA512
09ef3d682d92710ff1800fb6f2cf3978aa8bae1bec5b4dc32ebf1898bfc0816799bb010f7d45711f7086ee877d49c7fd8aef8f537c43ed10e676f37f75ba8ee8
-
SSDEEP
12288:UZWtI6RkM5BoakureZJys73dOvXDpNjNe8Nut:UuhaM5BvTeZJ8NI8K
Malware Config
Targets
-
-
Target
9acb84158449044de74f717893bb370e
-
Size
501KB
-
MD5
9acb84158449044de74f717893bb370e
-
SHA1
408c94f178b7aaec77386f2cea3466381a849fc1
-
SHA256
645ffb78778e3ded533937e6e8e05d04ac8af82541481350244655c27212dd06
-
SHA512
09ef3d682d92710ff1800fb6f2cf3978aa8bae1bec5b4dc32ebf1898bfc0816799bb010f7d45711f7086ee877d49c7fd8aef8f537c43ed10e676f37f75ba8ee8
-
SSDEEP
12288:UZWtI6RkM5BoakureZJys73dOvXDpNjNe8Nut:UuhaM5BvTeZJ8NI8K
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-