General
-
Target
2fbba9ba60633c11a3daece992e97465a5d376d7b5acec7913f7097af3fd746e
-
Size
4.1MB
-
Sample
220916-kyymwsfbf3
-
MD5
3b0462915fc86df44a01853bf1861d1b
-
SHA1
4565f2c51ce220da6c81052b91dc3e8f9e28da0f
-
SHA256
2fbba9ba60633c11a3daece992e97465a5d376d7b5acec7913f7097af3fd746e
-
SHA512
fbcab039763f4e07059727048579e7649ede4e548028c81eecd7bbc0a953cd34ea0d4b0208211c08ff9f3df16864ab5043ce7fd0b5861879bbfd4f7e3c342b4b
-
SSDEEP
98304:cO4SBMeeK41rmy6W3hLzjubM1ns7BhD3Iyac5DIfkubNBiHcv8uv7H:L4SWtK416y6AB0dl33FEpBLtT
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-