General
-
Target
c9e546a73a149407dd884a267261cd7644e28ea3803cf43f8fcb7efcfba00000.exe
-
Size
924KB
-
Sample
250116-rqblqavpej
-
MD5
0f19557a9da139fc9fee1dbfc7b471fa
-
SHA1
ee355b74f40e90cd1dea64c2b5c783fba36461b4
-
SHA256
c9e546a73a149407dd884a267261cd7644e28ea3803cf43f8fcb7efcfba00000
-
SHA512
4ad4bf112503428b2e2829395233884d248b6dfaf96b1c8247a7a9a6a187681d56bd76a9d422e5fa8854109e9809700f0d85c8bf2ab114f84eb6c8e06fb28309
-
SSDEEP
12288:Wytm2WSk/SSs/O0OOlkmJ5pIJYgEl2yjreZiOt+nW2wk/D3W:9tmdiEOlk26aVeZiOmW2pW
Malware Config
Targets
-
-
Target
c9e546a73a149407dd884a267261cd7644e28ea3803cf43f8fcb7efcfba00000.exe
-
Size
924KB
-
MD5
0f19557a9da139fc9fee1dbfc7b471fa
-
SHA1
ee355b74f40e90cd1dea64c2b5c783fba36461b4
-
SHA256
c9e546a73a149407dd884a267261cd7644e28ea3803cf43f8fcb7efcfba00000
-
SHA512
4ad4bf112503428b2e2829395233884d248b6dfaf96b1c8247a7a9a6a187681d56bd76a9d422e5fa8854109e9809700f0d85c8bf2ab114f84eb6c8e06fb28309
-
SSDEEP
12288:Wytm2WSk/SSs/O0OOlkmJ5pIJYgEl2yjreZiOt+nW2wk/D3W:9tmdiEOlk26aVeZiOmW2pW
Score10/10-
Detects Renamer worm.
Renamer aka Grename is worm written in Delphi.
-
Renamer family
-
Renamer, Grenam
Renamer aka Grenam is a worm written in Delphi.
-
Drops startup file
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Suspicious use of SetThreadContext
-