General
-
Target
cbc32a4fa2975e6fae3ea616f84b0cead4de1d66af1ed57196de4d5e22dd8211
-
Size
4.1MB
-
Sample
220922-f153jadgdq
-
MD5
918e57481cf9043fc541019b4ab2e2be
-
SHA1
7ac9a7b74a008050ac521a7941576e1cfd0ee3a6
-
SHA256
cbc32a4fa2975e6fae3ea616f84b0cead4de1d66af1ed57196de4d5e22dd8211
-
SHA512
a6941dad239c9b57b08b72495f7b1f4115bf45898a35b29108753bfe1e7915906c58e354e092cd8862c34d22fc4b42d32d779a6038b29e5f224990cc28e06625
-
SSDEEP
98304:jNnAonTe4vm8/ZHIns7O7d5qqjeMwmN0uQ1VqHXKQAmqY4HrR+HYMYP+q:RAoTVu8/5azLB0uQ1VqHa2qY4Hr8HEb
Static task
static1
Malware Config
Targets
-
-
Target
cbc32a4fa2975e6fae3ea616f84b0cead4de1d66af1ed57196de4d5e22dd8211
-
Size
4.1MB
-
MD5
918e57481cf9043fc541019b4ab2e2be
-
SHA1
7ac9a7b74a008050ac521a7941576e1cfd0ee3a6
-
SHA256
cbc32a4fa2975e6fae3ea616f84b0cead4de1d66af1ed57196de4d5e22dd8211
-
SHA512
a6941dad239c9b57b08b72495f7b1f4115bf45898a35b29108753bfe1e7915906c58e354e092cd8862c34d22fc4b42d32d779a6038b29e5f224990cc28e06625
-
SSDEEP
98304:jNnAonTe4vm8/ZHIns7O7d5qqjeMwmN0uQ1VqHXKQAmqY4HrR+HYMYP+q:RAoTVu8/5azLB0uQ1VqHa2qY4Hr8HEb
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-