General
-
Target
af0819c2a4feccb00c7e88cf09e79e96cfd87cdd9026a1b0a15eb8d056aa2f1d
-
Size
4.1MB
-
Sample
220922-cwczeadbhr
-
MD5
1de37c7b3a681deea008f878e1a88b7c
-
SHA1
b68f0c08a9e8ad403bc11ddac9de27cd6f3b3b16
-
SHA256
af0819c2a4feccb00c7e88cf09e79e96cfd87cdd9026a1b0a15eb8d056aa2f1d
-
SHA512
f5b0b311c244f0e383dfb35ab27fbaa619e6021a29a76806c39289a757f771a7c90e6a88724c0e59b8db787b5b03b545438b5e5fbabb5caa3df29f54815c5fde
-
SSDEEP
98304:q8buX0yb9fYdf/23E8g/O9FWMvkhpae0V/ObmUPLkoUyJ:bKX0S8/23EfOVAQ1Oy+Lkod
Static task
static1
Malware Config
Targets
-
-
Target
af0819c2a4feccb00c7e88cf09e79e96cfd87cdd9026a1b0a15eb8d056aa2f1d
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-