General
- Target: bee902609ef2f3052b1116b75855941cab84800d6aa232e596c2f1dfe6e6a8f6
- Size: 4.1MB
- Sample: 220913-ffrpeaefg2
- MD5: 506ee5f0bc10ee471dd60b7cdb6c8ccd
- SHA1: 81272e4176776a67ddd1ed4a7d779a2fc7d5b530
- SHA256: bee902609ef2f3052b1116b75855941cab84800d6aa232e596c2f1dfe6e6a8f6
- SHA512: 7e6d793446dde4c31f51af306f08819f8117fd009ab57c1a7d929039decdc8e780c3b4f097532d8d6794fb4a3196ff93c8785e296b9110f651851a914409c893
- SSDEEP: 98304:/nXb6PqepAtqxy7luGi4T3u3qk5KUWMAbkRsk86eYwPJ2:+9SqNGLgqk5iYMDy
Static task
static1
Malware Config
Targets
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Modifies Windows Firewall
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.