General
-
Target
7cc58aff6537b5c147d8da72bc5aac63408ba2412f2c6cd15afe35ce7c9ae2ad
-
Size
4.1MB
-
Sample
220918-wa8nqsfdhp
-
MD5
52129d4a87fbc5097d3c045bbc6e6e83
-
SHA1
a58ee74acc89eaf229ff1c6e27ece9b42ebc097b
-
SHA256
7cc58aff6537b5c147d8da72bc5aac63408ba2412f2c6cd15afe35ce7c9ae2ad
-
SHA512
24c11e8efecaab9b3c024e74893b12cfb2108264ba2672274b04ca7e6a85ec3d0379f70e4141bb2d640b5c663db3b32328df0d3d5e08d72a282a5b8582cbd9fb
-
SSDEEP
98304:W0HtV4uw4V0TwDwgr5b2SLXumeqqOJehgZDyocIt46/IR:XtVHw60THcSmuMvIKy
Static task
static1
Malware Config
Targets
-
Target
7cc58aff6537b5c147d8da72bc5aac63408ba2412f2c6cd15afe35ce7c9ae2ad
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-