General
Target: 615b7df8152c1897c04478b95c2425ee2de27f8c3ce6974cd4f73eff130eaa2b
Size: 4.0MB
Sample: 220923-lc1e2agcg6
MD5: b290eb903540f5f6678d37feaae359f1
SHA1: e3c17bcd1bd1eee6ffa30d8a9bfc4ec92ced20d1
SHA256: 615b7df8152c1897c04478b95c2425ee2de27f8c3ce6974cd4f73eff130eaa2b
SHA512: 35c41753be6c885cb7c933b1ee4a0b5d65b053c671fff9da81dae0d0810791c52c34782bc9aa2bc7753067c67faf48cf90760edf1ff6f0a389d3a7d9bf79d758
SSDEEP: 98304:id8f1PNTuEXZJ29zoCnUWTpk5FSklO2nHcYx+/Kh:a6UES5K1O2nHZxDh
Static task: static1
Malware Config
Targets
- Executes dropped EXE
- Modifies Windows Firewall
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Legitimate hosting services abused for malware hosting/C2