General
-
Target
c26ba07654897acae88d97f22f629ad2926a62828749a8ea3af86d3f80fc1a86
-
Size
4.1MB
-
Sample
220916-epd91aefb5
-
MD5
482ffad847ffb10500a5343f12b1bad3
-
SHA1
029749d6e0ad70f93c84f42a37c3a39169bab430
-
SHA256
c26ba07654897acae88d97f22f629ad2926a62828749a8ea3af86d3f80fc1a86
-
SHA512
de8a3e299d7d413d96cd69999a6bd3318854be142370c6f611f27e43497730c8a224c86dd0f18e5ce400062c55845ac8c439ec7f1be6d9406a1437df60dc3db7
-
SSDEEP
49152:L5Yim6tSR5O+LMEfTFjudw5bzFSua7/4Un5m77VqtkbBsTajfEjIb+yCsDFEpYrU:L52FhoQRjlRzgH0yukX6fJDCK5X2Im
Static task
static1
Malware Config
Targets
-
-
Target
c26ba07654897acae88d97f22f629ad2926a62828749a8ea3af86d3f80fc1a86
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-