General
-
Target
9e7fb0da10f1ca80655419f491cbd8454e418f495a928a36e4216b7d38895b6c
-
Size
4.0MB
-
Sample
220828-xlwzradbgr
-
MD5
0950ea7a5d433dd377cbf83eb62d7ab1
-
SHA1
6ecde7cd6153e467eb059b6c70c47404fdecc796
-
SHA256
9e7fb0da10f1ca80655419f491cbd8454e418f495a928a36e4216b7d38895b6c
-
SHA512
86fd608f85925b28dd0f00980fb7d9af26a26c97649ab717b1e23c73770376c6282ff84dab5a0a77b5efe016f8eb2cf014993f2b4f57f964a8dc8cb0d2f8bc29
-
SSDEEP
98304:pkMX5s6aq2oLqyd6PMqWr7dNIefZ13ru5A+sOc54ujyMEM87vO:pVs6a+aPMFf/3Y+54syMEM4vO
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-