General
- Target: cd29bf14841b28094153b2e7485c51be1dbe7ca8bab7e1b6ccd917bf619d3910
- Size: 4.0MB
- Sample: 220920-2qctwsabgk
- MD5: a2e5478fc4ff9563fa366cc24c70cc6a
- SHA1: 0315dc9ed5fe444c0a22f684d12a967b080e16d9
- SHA256: cd29bf14841b28094153b2e7485c51be1dbe7ca8bab7e1b6ccd917bf619d3910
- SHA512: 07d60a052651064be7dfa4ac5f56b858ae6c42835f38b261e0023e256ac0d98a28b62f67008f48a547d70d0d374aa22b7e599c1be77f031c2ee7016c254b5825
- SSDEEP: 98304:7jX+I32NOtHer53z6cVNHT4jB/cAE7ot+KLByTV+bOXLNHn+TB:/Xv3Hkxe0Nz4jCot+a0V5Je1
Static task
static1
Malware Config
Targets
- Target: cd29bf14841b28094153b2e7485c51be1dbe7ca8bab7e1b6ccd917bf619d3910
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Modifies Windows Firewall
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.