General
-
Target
0fda9b9b99e8fe10e326535ae461ed0e9146490bab13f75f84edaa78a73f9190
-
Size
4.1MB
-
Sample
220922-sn1cqsbgd3
-
MD5
5fd7ec09c9da0847fe9c89800f53d983
-
SHA1
eb66e1285f0737827489f766f96e24f99482bfb8
-
SHA256
0fda9b9b99e8fe10e326535ae461ed0e9146490bab13f75f84edaa78a73f9190
-
SHA512
c9294f5a6543458d308f4c2a163cdff02ebaaddd52ef64c1ee24a3f22d1f116b6710d50c2b70d78da64e17eec17d47f440f99c6acc5a229ed93596bf88423b0d
-
SSDEEP
98304:yXFeTkBJVWs0K+9Q5fGoFDccp8qN51AR0nRjkvYY/hcq4we:+FeTiVjt4Q5fLpp9DcOxYpcqU
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-