General
-
Target
e9f44d69c55aee5de4ce831532984375c7e3efdea3091a2efbd9459b7289b016
-
Size
4.1MB
-
Sample
220912-26d2wseda6
-
MD5
d1922a68005149645eb1cd5fb5544d64
-
SHA1
ba4fb40463cdb77742180fd4d099d035a757b198
-
SHA256
e9f44d69c55aee5de4ce831532984375c7e3efdea3091a2efbd9459b7289b016
-
SHA512
63d2f36431010a4ec56bbf1b9f48d6dcfbe80462582b73b6a0e342e25d25e1a0c7737e003997fbcfce4cadffc5f19dbfd2d0d50406c57fcf9d74b78ddaad9d06
-
SSDEEP
98304:5Mr3bZqltKcMdboPXt8qRi6+U8LHcxW2oHkt5q+Wy/:K7bkujboP3R7+zL8xiEtvT
Static task
static1
Malware Config
Targets
-
-
Target
e9f44d69c55aee5de4ce831532984375c7e3efdea3091a2efbd9459b7289b016
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-