General
-
Target
7624f52ce34318542a23e11882b5adab5cd4ab735a5257c0db49aaff83a6d230
-
Size
4.0MB
-
Sample
220921-fptkcsfbd8
-
MD5
b066e76f1f08f79f2ec2f5d04a3f53c4
-
SHA1
21e0d1d9fdb5e2f4dec7c7e789c4ebad102fa6e3
-
SHA256
7624f52ce34318542a23e11882b5adab5cd4ab735a5257c0db49aaff83a6d230
-
SHA512
200798bd98815876ee00e90d865a6dc54ccdb9e086d1b4c9f1f9e21ed6dd5bc1e7ead6551c3cd405290f8019ad59fc80544d9f660bf0b124cca382808b6affeb
-
SSDEEP
49152:MLXxa67HWLAOkMEsa75ioXApcxmdsUkU6Semw2uZfIu6OV+6KMWAQhlmpsa+:MLBa67H6AOpAihBdfpA9cOEbAQhopsL
Static task
static1
Malware Config
Targets
-
-
Target
7624f52ce34318542a23e11882b5adab5cd4ab735a5257c0db49aaff83a6d230
-
Size
4.0MB
-
MD5
b066e76f1f08f79f2ec2f5d04a3f53c4
-
SHA1
21e0d1d9fdb5e2f4dec7c7e789c4ebad102fa6e3
-
SHA256
7624f52ce34318542a23e11882b5adab5cd4ab735a5257c0db49aaff83a6d230
-
SHA512
200798bd98815876ee00e90d865a6dc54ccdb9e086d1b4c9f1f9e21ed6dd5bc1e7ead6551c3cd405290f8019ad59fc80544d9f660bf0b124cca382808b6affeb
-
SSDEEP
49152:MLXxa67HWLAOkMEsa75ioXApcxmdsUkU6Semw2uZfIu6OV+6KMWAQhlmpsa+:MLBa67H6AOpAihBdfpA9cOEbAQhopsL
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-