General
-
Target
d7d1ac0b35f60ff71f0ac09d5dfda0794a57545238aed82d874881785f47794b
-
Size
4.1MB
-
Sample
220829-sbs3wscbb3
-
MD5
df1dbf26742fc97926931639c7eaac41
-
SHA1
0ea9036bf5969c154c9f0e458e9734a1b09f9599
-
SHA256
d7d1ac0b35f60ff71f0ac09d5dfda0794a57545238aed82d874881785f47794b
-
SHA512
d389596a374cef2c773db1fd40e79e1882de9d057d1daf3ed54dd319795d684d6dadec3be94e491ead084d1673c4e93e768f354d5929a9c6a0c44ad7ce33fa86
-
SSDEEP
98304:JZMXZltjUkBAcSgxjg0x0MjZfZ+WeZgAvX0yhZH5Kw:PIZXLAcSM0eZFjeZpcyhZZl
Static task
static1
Malware Config
Targets
-
Target
d7d1ac0b35f60ff71f0ac09d5dfda0794a57545238aed82d874881785f47794b
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.