General
Target: 6daac2262ca77661cece34585bf14db3a22238b7ebc504ced2dd21df2c493d8b
Size: 4.1MB
Sample: 220922-yn1amaccb5
MD5: 89f95c4f385e6cac603ebd36dbd78923
SHA1: f8840928479da92504abe6d226ec09c1bf92ab0d
SHA256: 6daac2262ca77661cece34585bf14db3a22238b7ebc504ced2dd21df2c493d8b
SHA512: 72d3e4cc005fb34a8155c8c78df9165fc01d9189e68a9219fdb5c3130dd55e48da705f756b8d7c9341c191d2ad0ce2eeaaf214609e8669329dece46fbb129110
SSDEEP: 98304:4H4RoKkJafRVoidoTx7i5Fvq23pHSKzYtb43/etRR54AZnuMn/qo:XRoKkAf4iCTx7iz13pfm43/ef48num
Static task
static1
Malware Config
Targets
Suspicious use of NtCreateUserProcessOtherParentProcess
Executes dropped EXE
Modifies Windows Firewall
Loads dropped DLL
Adds Run key to start application
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.