General
Target: 62bd40f3d99e86f121e9805f27a28b14141ae74c6eaea56c2201af448f37c076
Size: 4.1MB
Sample: 220916-fj4s5sadfq
MD5: 43f66a55573133cdcf565d5758d874e1
SHA1: 7d02a3d9c36f763a288e660b929528ae7cff1170
SHA256: 62bd40f3d99e86f121e9805f27a28b14141ae74c6eaea56c2201af448f37c076
SHA512: c350a25cb844d993dee51d67f4ece9787b5a3e124968a62273bc451ccb65b8b86b5fd95517c82877177fce2e5d50b9d0faabb2d42e4be3ac6898cec5ac9c7367
SSDEEP: 98304:mptUopoZm7r5RCtPyxfLGJTeYadEVN8A7sx+LU7dA:4y7ZOrXCl0LGJC9dEP8zxLe
Static task
static1
Malware Config
Targets
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Modifies Windows Firewall
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.