General
-
Target
7453e7706fcf34a1148c95080f63e8bd0cb3183b59e5bce74dc1d9a1e3afb96a
-
Size
4.0MB
-
Sample
220828-w8nffsdadl
-
MD5
d06e6b05163f7a22b057bae5f9382fa9
-
SHA1
1593939e83dbffe2934c6106536334b9519f57ce
-
SHA256
7453e7706fcf34a1148c95080f63e8bd0cb3183b59e5bce74dc1d9a1e3afb96a
-
SHA512
e37d434a33955aa6ba9c1aa07d743bef60ea831f0bcc1480858596b4b791124c8c917f8607e3b12779c7493b1ceef592a7ccf58946aef519d5b9963965051c26
-
SSDEEP
98304:9W+t5JLbHCNDyoeGLwLofgxrLpYTcFY5XGy0JDSj3UP:XvJLTK9esg5NY5WyaSj3s
Static task
static1
Malware Config
Targets
-
Target
7453e7706fcf34a1148c95080f63e8bd0cb3183b59e5bce74dc1d9a1e3afb96a
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-