General
Target: e872d52923a1da19314db5c0e26324fba6b922f55b5ecb4590341daa65172c6d
Size: 4.0MB
Sample: 220924-tvwhsschgn
MD5: ac60b308b3ca19f479d52db1bce644eb
SHA1: c8c3013642a5b064a94313c889a2eebfcb376761
SHA256: e872d52923a1da19314db5c0e26324fba6b922f55b5ecb4590341daa65172c6d
SHA512: 7ec8d74ef96ed887d3f5456f3c051ea0c66a5d8e43055b828c9815b7fbd452fa118bac941b8cf3275453560a27f71ae68ee13e433f1b596bd1eb702b0f4ec6ca
SSDEEP: 98304:p1vuUp/pxbnVrlhZBThv2+D2r2ojM5kyPXEcTGI:/2o7VrlhZL5k9cTGI
Static task
static1
Malware Config
Targets
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Modifies Windows Firewall
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.