General
-
Target
238ae28b9b88c6dcfcdb2b2df957e1794925e73ecac3f8f58254299eddfbbb06
-
Size
4.1MB
-
Sample
220915-xzrl7adhd6
-
MD5
eab894209a2261f4108b70103ee87b4a
-
SHA1
dfc6ec3428bffb420d5ca29763f5be36ab32e2c0
-
SHA256
238ae28b9b88c6dcfcdb2b2df957e1794925e73ecac3f8f58254299eddfbbb06
-
SHA512
41f7080b2060d84d341c8b58084744da2d7cb8da7d45557131699d05a6815188645236501ddf14ac56937e51fa3c29d1ecaa97d67b7fbd53199d0497b8cc72fd
-
SSDEEP
98304:lC3IdP4/j4VUkdzthfBDVrUtzoFJr7YlFKZ2G44ZSlpTioDaQ:M4dyl+zBJrUtzon/Ylq2G44aWoh
Static task
static1
Malware Config
Targets
-
-
Target
238ae28b9b88c6dcfcdb2b2df957e1794925e73ecac3f8f58254299eddfbbb06
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-