General
-
Target
d51ba7172c3345ed52e054c23a65e7cf2295aa4d35bd0ab2ee1bff4126c92f9c
-
Size
4.0MB
-
Sample
220923-xx69vsbbbq
-
MD5
b282a63735ff8315630013aa8751ac21
-
SHA1
bd83b6d21df251d1fdf9b93775ada8eb5219e4f2
-
SHA256
d51ba7172c3345ed52e054c23a65e7cf2295aa4d35bd0ab2ee1bff4126c92f9c
-
SHA512
b7f64c78044048caeb892973fd0c7675006b243c94e29faabc5192166fa5f8739ac510c889ae4b4e2081b27c405c1b2ca3d6def9e73f9b667f445033a648a28d
-
SSDEEP
98304:EYgLZ/FcA4ce5LnAhZbXphu+jP8zmfXxWlj/zQe5iSyOQmoHf:EYgLZ/ec0ALbZNEzygX2/
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-