General
Target: a890c3aa1e6a091f5f17a0a40e0610dce06a28d4b20c40678b382a3921e0bc63
Size: 4.1MB
Sample: 220916-bglgkaabek
MD5: bb0420b411dcfecc7934775ee3edaed4
SHA1: a5b5835921c3475354a9e1d859a3eb5b6315fd61
SHA256: a890c3aa1e6a091f5f17a0a40e0610dce06a28d4b20c40678b382a3921e0bc63
SHA512: 1c44c9466df4c204b8eb4c6eb9817f7105eaa84f3214223cb305d537359c06aef531f0c21063f002b9a033020c129556059f0cea44f75fd61fb1cc298a4542a4
SSDEEP: 98304:lsYVSkqav9KrPzXXWVicx6+aMdg2baqm52YDf2rqqQZhX:ngmYrLXX4cMq5Lr2mqQrX
Static task
static1
Malware Config
Targets
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Modifies Windows Firewall
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.