General
-
Target
2a757cb6b7202b204932d1afc265513652551c504b657122304ff600254cebe8
-
Size
4.0MB
-
Sample
220829-bzv4qahcck
-
MD5
ffe36532d42a0074a6d36d815fa45704
-
SHA1
0607aef0aec2f62dffe84e09c32b76b7fc83348f
-
SHA256
2a757cb6b7202b204932d1afc265513652551c504b657122304ff600254cebe8
-
SHA512
3e5a6b7d9e5cdd32042041e524d2336a80bda5df2dcd6f8961697d5abc87a28079df9994395b0b5d800bc9d41cc67fd7b1bff67e483a7dcf8296a7cca277ca73
-
SSDEEP
49152:NKNqUBZkWEW2zzIrB4ENRyLVxcYeVIaI6c8ggxVzXsOKbMVkB+cUVBUFiWkhlmG+:SqDWaGUx6IaS8TVSB+cc3Wkhlm+ss/Gl
Static task
static1
Malware Config
Targets
-
-
Target
2a757cb6b7202b204932d1afc265513652551c504b657122304ff600254cebe8
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-