General
-
Target
9acaa237b92019a379965135ce9d82cbaa41d6ff81a02275afeac5570ff1b9a0
-
Size
4.2MB
-
Sample
220826-xq6pragdgj
-
MD5
17fa620b6143ce300afce8341e2f98c3
-
SHA1
c8e7441fd9a49ccbd45c912876289ddb6cf6af9b
-
SHA256
9acaa237b92019a379965135ce9d82cbaa41d6ff81a02275afeac5570ff1b9a0
-
SHA512
5987ee2223e4cb43e0d4774bb0a872da5ae61b076b77e2bfbc8ae06cd7eb2f13425fd104a1c60e54edbceb4927d87e6334b674ad958c9cfe325fdecf503c87fb
-
SSDEEP
98304:mRkQfJ8wEzEWKUWHFfz18adpRFWxvGjEmyXmGwPip:mRkQR8wEzBKPlL1zBWxewmXGwPip
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-