General
-
Target
0e6625418e8de38c4ac7416173ac6e4026dc4d9c912cda8670465c614335f41e
-
Size
4.1MB
-
Sample
220917-3yd8csaeb2
-
MD5
4ba22e8fa56bb479fd59646f6fcecff7
-
SHA1
21b69951fa6a55bbe30d77a824db335c89ea4dd1
-
SHA256
0e6625418e8de38c4ac7416173ac6e4026dc4d9c912cda8670465c614335f41e
-
SHA512
a86d1d50d45931071edeaad510ae9e347c6c2bc112835f5d873d1cef2c8504e8e84320b38eeb15b91135d904ab1461f816cdba9acef34da27c2222d798b4f273
-
SSDEEP
98304:AsGJiP4j1S2HHCZ8wOzti+B4zl/1TXI9Dm+hLPqvEJESeVtl:Q84j1S29wOztirzlNd+xPqvWESY
Static task
static1
Malware Config
Targets
-
-
Target
0e6625418e8de38c4ac7416173ac6e4026dc4d9c912cda8670465c614335f41e
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-