General
-
Target
efca112a7977acac3977d7bb2173e707c7c30355cef6cc48c61304695dc547a7
-
Size
4.1MB
-
Sample
220922-p3v5sabee6
-
MD5
f050ca002be59c66ee2c0b24fcf85ec5
-
SHA1
3c0ee6786147ba940b56cd59e71fe215d9cd0a32
-
SHA256
efca112a7977acac3977d7bb2173e707c7c30355cef6cc48c61304695dc547a7
-
SHA512
7de3b8b46406801efed5ba959b228d1294504276c17afac644810c40f20bf7b4592f8496ecf86b62aae2c807f8106c0a04e7bc0f831cf20e0bde5b4b469fad06
-
SSDEEP
98304:81tqruineCsiTplaIqodjxLmpO5JBiIfkAyz/omJVea10:EQeCsCpBqcxapO5JBPkRTomJov
Static task
static1
Malware Config
Targets
-
-
Target
efca112a7977acac3977d7bb2173e707c7c30355cef6cc48c61304695dc547a7
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-