General
Target: dd7734e5af0eb66111943776d1d30137043dd2e52505e4594a837a3ecf6ba64f
Size: 4.0MB
Sample: 220924-mj3z6scdhr
MD5: ebbe616b66ba24333a2ff0806fcabb7f
SHA1: d25cc319435c2735f4432b140f8449c86afcc99e
SHA256: dd7734e5af0eb66111943776d1d30137043dd2e52505e4594a837a3ecf6ba64f
SHA512: 146f0e6f7d17e854a11d09be9a2a35a8e79614f82564a18222f9917afb3a3ec7558f8f71791c29c5f237e52c8547c9b795009d525565deb5a28d29bb00eb23f8
SSDEEP: 98304:Km9MdMCe6e4ZJiTwPUBNqD2JKIszPl1T1oW7gCOlPk0B8ECkZ3n:PMdMCc0SNm3zPlVvOG0Kzkd
Static task: static1
Malware Config
Targets
Target: dd7734e5af0eb66111943776d1d30137043dd2e52505e4594a837a3ecf6ba64f
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Modifies Windows Firewall
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.