General
-
Target
c3e59cb3bd4e80d31e971938e59e1b89f77510b8359ff72a6b2f80d88d53adef
-
Size
4.1MB
-
Sample
220915-2kxxwaaacj
-
MD5
f482dc381b157fc24d9d1993a0a1735e
-
SHA1
60492d76343b6412a0d09e06a8bfe4a31cd22825
-
SHA256
c3e59cb3bd4e80d31e971938e59e1b89f77510b8359ff72a6b2f80d88d53adef
-
SHA512
480bfcd1d9506ae652e6ca313cdb58a780537c8333cabaa38c1672a726da7fb1278fb7b353c06c36595baad42a2b298b6032b86d77ce5b0442d0e962f4fda455
-
SSDEEP
98304:Fwn3l/qr/0OQfCSPVOMezS1N+s0G8gcpRzsrSBZCcjOT8kME:S3fse+TlgwRzsrSSgOD
Static task
static1
Malware Config
Targets
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-