General
Target: 4c10a9dd0e113da910689bbd452989301201a2adfd44d648ded79eb6460274dc
Size: 4.0MB
Sample: 220828-26dfcsfham
MD5: da0d958eee12331fe664ae805e153b48
SHA1: c72b3259b7bd4d18cdbacdfc43607bee8ca2b7db
SHA256: 4c10a9dd0e113da910689bbd452989301201a2adfd44d648ded79eb6460274dc
SHA512: 89e40f80aebdc1218499bf2584e438f65ff213ea573b5adbfb8554367595a9658764820c2e5e4517298ebf132a9ff7ebdae3ae2e8f2cbf73e393801ec282ff75
SSDEEP: 98304:xOFi3ImDfQMjookYLKXFJ7Q3H0Nw0VfXy0qekL8O3pLIx+WkcW9moT:xOIYOQVYL2il0RC0Q8MLiF12
Static task
static1
Malware Config
Targets
Target: 4c10a9dd0e113da910689bbd452989301201a2adfd44d648ded79eb6460274dc
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Modifies Windows Firewall
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.