General
Target: 2739c1c165fe931e1b86348fe775f112f781c25dde519b431b3319d5800ccfc8
Size: 4.0MB
Sample: 220925-fdpf9sefam
MD5: c38c721f4324791fbb452d765af071c9
SHA1: db42a4ec0d4fbacd9e12ab7eb26c3430cd7df2e2
SHA256: 2739c1c165fe931e1b86348fe775f112f781c25dde519b431b3319d5800ccfc8
SHA512: c967d59222561287ecdedd6fff3e2617c2069600e56c53e33c7eb94cfa069f19e8efc61871c40fee40eb0915737daadd30844aed28b6cef46474e69fe12d3f64
SSDEEP: 98304:ZXrR1quxqq3FsoAGvcgJPiMGBNqRQddvXHlVR1:ZXrf/sofHhoNuQddvVVX
Static task: static1
Malware Config
Targets
Suspicious use of NtCreateUserProcessOtherParentProcess
Executes dropped EXE
Modifies Windows Firewall
Loads dropped DLL
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.