General
-
Target
bf937e4e8d850cfa538681f4620a8715021d05e444f78110e772bb299ea28a7d
-
Size
4.0MB
-
Sample
220926-st7n1acdar
-
MD5
164bea02a0511fe873b2e5446fc2753a
-
SHA1
5ed53a31506d796c2fb8bb85f59f6b1fda7aa3b4
-
SHA256
bf937e4e8d850cfa538681f4620a8715021d05e444f78110e772bb299ea28a7d
-
SHA512
4e81c59ebe97357256a1dca2490730b973c6b60bf5f4cb0061545da77e3f737ec93f31e7d60baf1c085b8d94ed3f016519221bb5638cf68252672f36b20b40c2
-
SSDEEP
98304:/2m/Vhq6n71QTAmSOWUuxUjvFD05dPsGPdU1pJkA2Fq/I:ewrqQ1QTYOWaFD05dP7U1pJpeN
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-