General
-
Target
1711d134f31cb185ffa81e85c527cb19e0e94541af8ae46d045d553c15fb580b
-
Size
4.1MB
-
Sample
220916-b3dzlsedf7
-
MD5
34457f0977b3c85ab4c0400dc13ba279
-
SHA1
0c79c0de41759d0be02f9d6b380c3b53caedf941
-
SHA256
1711d134f31cb185ffa81e85c527cb19e0e94541af8ae46d045d553c15fb580b
-
SHA512
99583dc5ac369cf1bfbbc5eea1e0536f77471bf56c109f3918f742cdc02756287c989521087c9b936a4ebf54bfaf360b76e31835e79c92d1a97a53a8aaba44b5
-
SSDEEP
98304:o81ND8Cs6W0+IlcVZdW1Rubu8gbxXETI6NozlIAirDLviW:hV8Cs6aVZdWqgiTI6EIxviW
Static task
static1
Malware Config
Targets
-
-
Target
1711d134f31cb185ffa81e85c527cb19e0e94541af8ae46d045d553c15fb580b
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-