General
-
Target
3e29beca68fde5d181ea05ef7a47207bf137c00edd29769d6bfeaa37f639b03d
-
Size
4.1MB
-
Sample
220915-yttp2ahgbj
-
MD5
82b806c7c3a84f9b35c561543c3268d1
-
SHA1
693db46b593b2a590f15ed2ee49fe9b1b97faa61
-
SHA256
3e29beca68fde5d181ea05ef7a47207bf137c00edd29769d6bfeaa37f639b03d
-
SHA512
981e91466b57fcdb00640c5056f471cf28e0c6391abedd7929815d5b26b59514e3c847ccfae5024cac9cf2f3afcd4877b189821f9ed1002cff2abfacbaa551fc
-
SSDEEP
98304:J6Ih3AebApNZVRURNNtrF0Idq+4aoknpa3e15I4JzL:UcFbA5VRgNtrF7ERknpa3C5I4J/
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-