General
Target: 1494cf99a6f21a722ad1329cc2979e8d7f72427296eff4d03378ac64c511394f
Size: 4.1MB
Sample: 220915-241g4saaem
MD5: b9ded4caeaac4b9a025765ea6179ab41
SHA1: 892d36671c51b9e51f8163fef516152eaaab93fd
SHA256: 1494cf99a6f21a722ad1329cc2979e8d7f72427296eff4d03378ac64c511394f
SHA512: 3eab86c5162520ffd92995646422c5a9d4d285e6efa20943124ea6565e02f91a300624827ac8cd1bf7f453aef5632711fc42f38c7396391f1e6879828e9d7eb3
SSDEEP: 49152:zE+bVx59iskVjtwfDrG6Fq8pvCQSaWb4HUfZbBxRuoeRVgVddE9/6OoMK8nRKwcV:zEdskXYT48XWrl6g2/6OoW4Pnbr1
Static task
static1
Malware Config
Targets
Target: 1494cf99a6f21a722ad1329cc2979e8d7f72427296eff4d03378ac64c511394f
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Modifies Windows Firewall
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.