General
-
Target
da611e4c376fffcca3fb8b73a48c5be1cc1f72b6324bdd8a00c8aafa055009db
-
Size
4.1MB
-
Sample
220922-wr35ksfhem
-
MD5
a21ed55b4cb35b83a03dce1124be23c9
-
SHA1
cf7dde94463444ff7b1e7c1157819f0d8de4c707
-
SHA256
da611e4c376fffcca3fb8b73a48c5be1cc1f72b6324bdd8a00c8aafa055009db
-
SHA512
fc517f155d09097e6df5274c2d9c08bdbf7e066ffdff86ce6df114c58ba897e6204c50442ddb9b15f36ce458ad0554270673b5c7f615a32b3d45df5d53c53f07
-
SSDEEP
98304:7DbRQljTwoqFmbCRnCOI+860OtEdwtDaFRkZpxIAR7a3F1/Wx0:Le1TfUhRtEOteFRATIy7YH/l
Static task
static1
Malware Config
Targets
-
-
Target
da611e4c376fffcca3fb8b73a48c5be1cc1f72b6324bdd8a00c8aafa055009db
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-