General
-
Target
0f462803e4fba825bb93043037dade1ec1b84f1f4d055a99c5578779b0e9cd3d
-
Size
4.1MB
-
Sample
220917-l4rxzadeaj
-
MD5
6001b624b976ea4d3eabb6d29321b2c7
-
SHA1
15c2e3d0002a492b9d44c7ef024bebf73c415bee
-
SHA256
0f462803e4fba825bb93043037dade1ec1b84f1f4d055a99c5578779b0e9cd3d
-
SHA512
2f827cdc1b02354a09cfdf0325ed1404af75cd17bb14eefce8f5bc04bd490cf708ad52840f8d303d2ac795b2af603f908edabf9782f3aab8d9e2644fcc0f4455
-
SSDEEP
98304:JVrXQdmbB69H4Bgrk34UinIMvWbZunQbrxENXa35UKuO4lKuZl:9bB6JeAxvn0bQYE1pflKQ
Static task
static1
Malware Config
Targets
-
-
Target
0f462803e4fba825bb93043037dade1ec1b84f1f4d055a99c5578779b0e9cd3d
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-