General
-
Target
c415df9a8b7ef5b4c21a3036e84b3f85
-
Size
994KB
-
Sample
240312-xc88qagc8v
-
MD5
c415df9a8b7ef5b4c21a3036e84b3f85
-
SHA1
ee6f50f19e7f85a8944ab3dc50ebfe6101f4bd06
-
SHA256
35d867ea3a6d9359d033091e2f425ef7aacd360c885816fbc197081a51c2e87e
-
SHA512
53d600cde5edc03a21dd05a6744e5dd80531404af2d3ca877e226618890ff3815cf7c5f5a18640b8825da15bd904b800108ee05c0ffb3716dd6204cbce465a60
-
SSDEEP
12288:UZWtI6RkNerQZb+md4w1UWOB0vOB0Eccr3OB0H:UuhaNerQZb+md4wmWOWOacr3OM
Malware Config
Targets
-
-
Target
c415df9a8b7ef5b4c21a3036e84b3f85
-
Size
994KB
-
MD5
c415df9a8b7ef5b4c21a3036e84b3f85
-
SHA1
ee6f50f19e7f85a8944ab3dc50ebfe6101f4bd06
-
SHA256
35d867ea3a6d9359d033091e2f425ef7aacd360c885816fbc197081a51c2e87e
-
SHA512
53d600cde5edc03a21dd05a6744e5dd80531404af2d3ca877e226618890ff3815cf7c5f5a18640b8825da15bd904b800108ee05c0ffb3716dd6204cbce465a60
-
SSDEEP
12288:UZWtI6RkNerQZb+md4w1UWOB0vOB0Eccr3OB0H:UuhaNerQZb+md4wmWOWOacr3OM
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-