General
-
Target
5c74c6677bffb42cc7b61f9cb0889c2f8a07a57065090c5941f1837d6aaa30f9
-
Size
4.1MB
-
Sample
220917-nkw4pahfh7
-
MD5
0fffd1fadcfac0159ae188fc2528f9eb
-
SHA1
078bfec0f8655352641ac78a5023b7747fa87367
-
SHA256
5c74c6677bffb42cc7b61f9cb0889c2f8a07a57065090c5941f1837d6aaa30f9
-
SHA512
f1eea04c49ffe305900d6e2a55eaf35ca3a3f7fbaeaa8a1110d9fc96b96dfb2d1e210c01df7c7e917a5892b03560f67967efeb9bfa8be279880c90dffa6b50bc
-
SSDEEP
98304:7denr55ldssbWutgjCfUKoU0Yr++xhN0SPW9PLz:s1asbWUgPKoU0H+xhNSN
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-