General
-
Target
e1fe3cd4cf42b806caac33a4be87d826
-
Size
318KB
-
Sample
240327-stjl6sac3y
-
MD5
e1fe3cd4cf42b806caac33a4be87d826
-
SHA1
453b680bd96b7e9db11837b6a2717af8c9e13d84
-
SHA256
0449275f851e7101fc32add760a768666d92ab0cdeb2b7397e850d813f1975a8
-
SHA512
a12dce1ceda73f702a82f5c1a5e52ffa49a5a35926a2169b05bb4bc9b7ec6d679c9bf92e18a996eae672cdc12cc794467ac29ec2514d5bcf2c5b8d1f12855311
-
SSDEEP
3072:USHWiNo/ftfQKAc94/3bXZ3Nk6Rk3mQsDEX8TKz3Hip65BQZB1VLpCjARIqEjE2r:UZfec9EbXDk6RkNK6rG1VVE+I5E2EU
Malware Config
Targets
-
-
Target
e1fe3cd4cf42b806caac33a4be87d826
-
Size
318KB
-
MD5
e1fe3cd4cf42b806caac33a4be87d826
-
SHA1
453b680bd96b7e9db11837b6a2717af8c9e13d84
-
SHA256
0449275f851e7101fc32add760a768666d92ab0cdeb2b7397e850d813f1975a8
-
SHA512
a12dce1ceda73f702a82f5c1a5e52ffa49a5a35926a2169b05bb4bc9b7ec6d679c9bf92e18a996eae672cdc12cc794467ac29ec2514d5bcf2c5b8d1f12855311
-
SSDEEP
3072:USHWiNo/ftfQKAc94/3bXZ3Nk6Rk3mQsDEX8TKz3Hip65BQZB1VLpCjARIqEjE2r:UZfec9EbXDk6RkNK6rG1VVE+I5E2EU
Score10/10-
Modifies visibility of file extensions in Explorer
-
Blocks application from running via registry modification
Adds application to list of disallowed applications.
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-