General
Target: 69525c3248baf8fea8c63a302b0e7ef47f276964c6d4d69bf8aa4fda5bcc9b54
Size: 4.1MB
Sample: 220918-ljr28sehfj
MD5: 12977f5f7d0af55f4833acd067522049
SHA1: 8aa9ccca315935b25d2ce19ac976d35e97d67403
SHA256: 69525c3248baf8fea8c63a302b0e7ef47f276964c6d4d69bf8aa4fda5bcc9b54
SHA512: bae5bb462ac1fc044d65b0fd9c785aa4ce41f5cf7571bf2728502c2fd3991df09c4c6501dc719b6662c9822616709d6a066c60a49d95049d42a4a367d6a59121
SSDEEP: 98304:3dqGqdXJ3oUibKVzaxuMySsOhrCf6rBYPeQYdVoEMhOdjZ6I3:dqdXJ4UuGzlsrCfYyPe7M8dV6w
Static task
static1
Malware Config
Targets
Target: 69525c3248baf8fea8c63a302b0e7ef47f276964c6d4d69bf8aa4fda5bcc9b54
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Modifies Windows Firewall
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.