General
-
Target
67134983a5c73266d82fb4c32deabebc408ae6f0efdeaa2a98887c609b6ff31e
-
Size
4.2MB
-
Sample
220917-aj2qwsghd9
-
MD5
f92f7a8404d4f392fbe678afcc13e737
-
SHA1
c75329680fffae64c7f71485e65218bfc11c365e
-
SHA256
67134983a5c73266d82fb4c32deabebc408ae6f0efdeaa2a98887c609b6ff31e
-
SHA512
550c227dc62a285b4b0a9953437be3a1daa554f77f7b7b369e2311979e043bb052d19c9d149451ba4e98e5bdcd783c601d69dd43babf6bd880b5b293ced4d645
-
SSDEEP
98304:/UbgYGd+bV22yNI+yJnuwog3RDTnzggtyRiGkC1/4APr6UmjF+8rL:scYV02l5JuwfDTzt5Gj1wAPr6N5DL
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-