General
-
Target
f83b917e77f7f5f248b02685c34d5df3c4ea17b78626edb914e3828e11edbb83
-
Size
4.0MB
-
Sample
220921-t79k7accgp
-
MD5
00be38d7a52ae1fc780c35f3c5a87b75
-
SHA1
ddb264965fda0b091cc41d3bf62932cfc2c26863
-
SHA256
f83b917e77f7f5f248b02685c34d5df3c4ea17b78626edb914e3828e11edbb83
-
SHA512
49cc52fd4fdd901c2a1bebdf31b67516a6123011ae8c819e6ff944016825186580efe9a0540b38350fe798920d5bca3bfb010f4cfef66f854e585ad4e854a0f8
-
SSDEEP
98304:ElU7DPZGlbukxJ7mqoXvUBjyADa0CXxfqmeLUCMWNd:xDPZej7eXsyoa0CXhDKD
Static task
static1
Malware Config
Targets
-
-
Target
f83b917e77f7f5f248b02685c34d5df3c4ea17b78626edb914e3828e11edbb83
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-