General
-
Target
b89abc388c9df9dd2468b7155ed5fc00790c63e12b11c794c354edbe31eb2a65
-
Size
4.2MB
-
Sample
220916-2m4hfacfej
-
MD5
680f206cddf832a641f93d46f774a85f
-
SHA1
490a7451dd7b6ed136dca3954371b21fb0664a9c
-
SHA256
b89abc388c9df9dd2468b7155ed5fc00790c63e12b11c794c354edbe31eb2a65
-
SHA512
ff164a678ba40bc2c562d75d36525c4821a95d1be67efa8f7a4b43a722ae349b262b9a84ed7ca06a13a2f6062dba23792d2025a533143cd673a61737f2e02199
-
SSDEEP
98304:zHJfjEsiBy4CiLMOlrmwXdk/ACCzyI8i9nJQP2FQ8QApU:bJ7EsiU4mKrm4dixrIjng2FOX
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-