General
-
Target
9d139b103733a5442d62346199115288c53a3d07216e69787cbd34d7c4930ea6
-
Size
4.1MB
-
Sample
220922-mbyqgsbbe3
-
MD5
f4b4553bf2317c79f1581e69f945e97f
-
SHA1
7deabd5d875f7496fba77e1e5744dc0845701c3b
-
SHA256
9d139b103733a5442d62346199115288c53a3d07216e69787cbd34d7c4930ea6
-
SHA512
a85f9f91405dca2f211ac7a12101e8ba138fda7c8becf1c2a8691a03e502b0f8e5f736912ad0c9528e9d416cde8ddda3ffb627beafa15659732dda22e829808e
-
SSDEEP
98304:CeYVW5kUqi+T1VQhiPNfUDaM9XOHHAdskEPvSmAu9p1+DKQZ:LuWVqiYHQhiPN3zHA6XS+9p1HC
Static task
static1
Malware Config
Targets
-
Target
9d139b103733a5442d62346199115288c53a3d07216e69787cbd34d7c4930ea6
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.