General
-
Target
861ebd947f4c2b086dabb62e64d90aba7ca15185c3f153b385fa86b6f8bc8862
-
Size
4.0MB
-
Sample
220924-lgkv5sccdp
-
MD5
511a9f565cc07ffe818fd854e5f37850
-
SHA1
48042026e077b92410db3fbe06a4b1759e2897c8
-
SHA256
861ebd947f4c2b086dabb62e64d90aba7ca15185c3f153b385fa86b6f8bc8862
-
SHA512
3278bbcff8ccfbc400ebda5d203ec2775f7993d83bd99a7a7e07289f1abed1fe310dc89c210872fa02114fdcbe84a168c2347198ab85bc30b9c5ea4bc1aea80b
-
SSDEEP
98304:fXLKicQyCVI1xnH2fHMdxxDH5EEIjKbGPJfZLn:fOeySPsjAKbGP1Zr
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-