General
-
Target
bfac890a3d462c3a52f8a2e4d01efa88
-
Size
411KB
-
Sample
240311-dkhwysag57
-
MD5
bfac890a3d462c3a52f8a2e4d01efa88
-
SHA1
061162090a921d4e9d0a6aaba8bb888f5d837fd1
-
SHA256
0749a05867e7431d8ed4655ce7db5da38be5385aa389ee9ab762fb5af2d4eb8a
-
SHA512
b3cda43519c34f7dab89794330f3409df9e7a7d547976626bcb79a8fc48127e94f5853d67474c199a76221db1e7a30ad4bc45e55c2a89e927cc3cfd0ae0b83a2
-
SSDEEP
3072:USHWiNo/ftfQKAc94/3bXZ3Nk6Rk3mQsTEX8TKzRZ00RZ00BdVd2Hayox1aMrpNf:UZfec9EbXDk6RkdKGuHOCrG1VVE+IA
Malware Config
Targets
-
-
Target
bfac890a3d462c3a52f8a2e4d01efa88
-
Size
411KB
-
MD5
bfac890a3d462c3a52f8a2e4d01efa88
-
SHA1
061162090a921d4e9d0a6aaba8bb888f5d837fd1
-
SHA256
0749a05867e7431d8ed4655ce7db5da38be5385aa389ee9ab762fb5af2d4eb8a
-
SHA512
b3cda43519c34f7dab89794330f3409df9e7a7d547976626bcb79a8fc48127e94f5853d67474c199a76221db1e7a30ad4bc45e55c2a89e927cc3cfd0ae0b83a2
-
SSDEEP
3072:USHWiNo/ftfQKAc94/3bXZ3Nk6Rk3mQsTEX8TKzRZ00RZ00BdVd2Hayox1aMrpNf:UZfec9EbXDk6RkdKGuHOCrG1VVE+IA
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-