General
-
Target
a34ad16d9807ce5aa2005b212a095441
-
Size
752KB
-
Sample
240225-j229tafd83
-
MD5
a34ad16d9807ce5aa2005b212a095441
-
SHA1
4ba78889e955d2b73c0da60e8cd56c04f8444f04
-
SHA256
21e3fa7d63765a238c93be9380cf324676ac83ee1690667a9875960eac364062
-
SHA512
fe102d2711ef2e485a971437350060ab5353f209f5fdbf91ce009ac4052627c91c89ebbdc43a26493034777f3961872618ca08a77a475884c857b4b6743b1612
-
SSDEEP
12288:UZWtI6RkU9OB07wOm9OB07Y9ggKF1mDaz+s:UuhaU9O0c9O0XFUDaz+s
Malware Config
Targets
-
-
Target
a34ad16d9807ce5aa2005b212a095441
-
Size
752KB
-
MD5
a34ad16d9807ce5aa2005b212a095441
-
SHA1
4ba78889e955d2b73c0da60e8cd56c04f8444f04
-
SHA256
21e3fa7d63765a238c93be9380cf324676ac83ee1690667a9875960eac364062
-
SHA512
fe102d2711ef2e485a971437350060ab5353f209f5fdbf91ce009ac4052627c91c89ebbdc43a26493034777f3961872618ca08a77a475884c857b4b6743b1612
-
SSDEEP
12288:UZWtI6RkU9OB07wOm9OB07Y9ggKF1mDaz+s:UuhaU9O0c9O0XFUDaz+s
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-