General
-
Target
c1e201fe270adea6c090471a71963102
-
Size
754KB
-
Sample
240311-3hrthsbf59
-
MD5
c1e201fe270adea6c090471a71963102
-
SHA1
4915055c2d2fba81a42d0113f24f3ae1ef48ca20
-
SHA256
8b31eacfa2121b152d40105d92d3a696a70055d22166b8f3b52f748d1f2af912
-
SHA512
3cb502b6a5f391803e7ac05bc8078320d26f65312921522283b4a5e4e2e7d8ee7036e3adf53ef1d07ccf4efc0210d4ec628a7696a6843b9ab9a0e698e71fd025
-
SSDEEP
6144:UZfec9EbXDk6Rk8KzGFrQZb++tdsHP4+QfI6UXnmy+g4IE2EorG1VVE+I5E2EfBS:UZWtI6RkderQZb+md4w1UXakuVfA
Malware Config
Targets
-
-
Target
c1e201fe270adea6c090471a71963102
-
Size
754KB
-
MD5
c1e201fe270adea6c090471a71963102
-
SHA1
4915055c2d2fba81a42d0113f24f3ae1ef48ca20
-
SHA256
8b31eacfa2121b152d40105d92d3a696a70055d22166b8f3b52f748d1f2af912
-
SHA512
3cb502b6a5f391803e7ac05bc8078320d26f65312921522283b4a5e4e2e7d8ee7036e3adf53ef1d07ccf4efc0210d4ec628a7696a6843b9ab9a0e698e71fd025
-
SSDEEP
6144:UZfec9EbXDk6Rk8KzGFrQZb++tdsHP4+QfI6UXnmy+g4IE2EorG1VVE+I5E2EfBS:UZWtI6RkderQZb+md4w1UXakuVfA
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-