General
-
Target
308423122d98af50785c8f46f20076282bcca27ba06066655a47235c4e325974
-
Size
4.1MB
-
Sample
220918-maewzsfaam
-
MD5
e0bd06e4c80b62f85d1a9f8d72803f24
-
SHA1
dced827f9fe1dbd7828c4970c6eadaeca4626869
-
SHA256
308423122d98af50785c8f46f20076282bcca27ba06066655a47235c4e325974
-
SHA512
0bbf28ae7d923bb5b0bf476d9bd2acdade1f47c320592e662648c801a6621df62f5605e89d10c207e46f7d34063449c2724fa2e1bc3569e4c5301a1f851b2bbe
-
SSDEEP
98304:5pCT1djdZ+yhmb0lQVw4L06EQmyWozLvFk:Mdfb5lqL06EQmyWULW
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-