General
-
Target
7efa708f351dc0aa759664e1617b7e1c0fca835f9653cf69870f6ee0fa0f67c6
-
Size
4.1MB
-
Sample
220919-wv3cfsfghm
-
MD5
88ebbb72d97406fad5f0ea79e044e73f
-
SHA1
4c3bcc55454e33a706fc0ebb68f0dbbae39156d4
-
SHA256
7efa708f351dc0aa759664e1617b7e1c0fca835f9653cf69870f6ee0fa0f67c6
-
SHA512
a2b8475677783e3dd2f224a74d381924b2694063ce6295a33cafe6f572fb4556e9edd9e7cb3c23c751c6885bd16d3d5bd17fa9dc308e692290886ad05655fe8e
-
SSDEEP
98304:RjHvJqouqiC3QGvlTnh7Dz1oxVLAglPvy+LxeNLCwjey05+j:FEHC3bvzL2xNRaexeNLCwKyiW
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-