General
-
Target
6386790cd0e9d4d08546eda27c4f620afcf9a073130cc54acc24f1ba49673c45
-
Size
4.1MB
-
Sample
220917-ksx46sddel
-
MD5
809ea43d2782348fabb9bdc3f0678bc9
-
SHA1
b98562578c41c3a707ca3d7c3858e72299f49f5d
-
SHA256
6386790cd0e9d4d08546eda27c4f620afcf9a073130cc54acc24f1ba49673c45
-
SHA512
f44702d753995a3cd705332393147bfcf765f05e625cf916b1af81b7a75195e270b6af21c2cb4ad3175b17029685df31ded57777b461718bef23efd828d77fc7
-
SSDEEP
98304:iJmxSks8+Gcx3dbZXlhbgZIt4kglLsqaK8Gt0oY1fO:rxszGcxtZ10kgGqhtXY1G
Static task
static1
Malware Config
Targets
-
-
Target
6386790cd0e9d4d08546eda27c4f620afcf9a073130cc54acc24f1ba49673c45
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-