General
Target: 843de9eeccaaf499d415cfbf5721e5f30eb1e6419b2d759b96ed0a24afe9a2f8
Size: 4.1MB
Sample: 220918-ttrhfsbea2
MD5: e1c440fc0ce7e90440a55fea70a0f401
SHA1: e836e78cc1bf3c6ae2821df2d41d16c4de032301
SHA256: 843de9eeccaaf499d415cfbf5721e5f30eb1e6419b2d759b96ed0a24afe9a2f8
SHA512: 31537da09541fce2765b940737f4c20fe58118421a99b8a5127f193621b946c9f33463705258ab880c4731933da2e75cb2d5c13c45f4f7da3c1df52e363150e0
SSDEEP: 98304:onwfDK3u/GKS/r+qqK2bh/MWHXSNCPtftqKPZJah5IY:IwF/Vy+qchkwX51tqKPZJaHn
Static task
static1
Malware Config
Targets
Target
843de9eeccaaf499d415cfbf5721e5f30eb1e6419b2d759b96ed0a24afe9a2f8
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Modifies Windows Firewall
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.