General
-
Target
47f42456bd513ef0f941e231f165b17df05aacf7e82d43509e553cd112ba14c4
-
Size
4.0MB
-
Sample
220827-hxw2kageg7
-
MD5
2c1848dc060a78cf4f0fada05690261a
-
SHA1
163f2e642bfc5754776040795b236e0692dec954
-
SHA256
47f42456bd513ef0f941e231f165b17df05aacf7e82d43509e553cd112ba14c4
-
SHA512
60dc0df64208a853f85cf5ace5e7d410674f926a065cc7d87275f82ffc96594cf7f3e76ac1ad9c7fccf4d86fa0d5ca8a7ec9588a0d20099b3a92e2ae15082fbe
-
SSDEEP
98304:2QchcUf2eVY3hqL0Q1ooXzj0T8aARvjz7pyKCqVI8K5HeC:2JGUueVRbBjvIKCqVI8K5eC
Static task
static1
Malware Config
Targets
-
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-