General
- Target: c678abb211c22758cb0176ea8a4a063eaa40f5b207144642258ae669b061c7e1
- Size: 4.1MB
- Sample: 220915-wgygcadga5
- MD5: d6e744822c4117373dddf1c9bb3a70c8
- SHA1: fa94acd63fe5e9870453daeb7feb8e958bb428a7
- SHA256: c678abb211c22758cb0176ea8a4a063eaa40f5b207144642258ae669b061c7e1
- SHA512: 5a7635443d0d79970292624263d3aad82f8f82260b0c45e8e30490df669ffa94eda6541f63c88937b2d508305d8957c0827b92cc05855509495c7362d270e3e0
- SSDEEP: 98304:VTcgp0UnaTaBmOdImUf1uf34N/5Eua2JKluvpPSbfROOkZQnPq:BTp0GaTkVCfKnuxKlspKNg2C
Static task
static1
Malware Config
Targets
- Target: c678abb211c22758cb0176ea8a4a063eaa40f5b207144642258ae669b061c7e1
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Modifies Windows Firewall
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.