General
-
Target
dee1ad01acc568321de6181882b237af839e7153a943343d56644884fef4e82c
-
Size
4.0MB
-
Sample
220926-xs8xwschep
-
MD5
e32f2c32c5ee6726873c8ee58a9c2dfb
-
SHA1
38427a4762f45c7457969dc913297257a5b73990
-
SHA256
dee1ad01acc568321de6181882b237af839e7153a943343d56644884fef4e82c
-
SHA512
251b7b4fd672d514adee8752ba7c2ed94d50599adad6d0b354dfbc7b5d0fcc36361b5edba0186e08acd96e82e4cdda6479c262a24a7671d49703d4426b4aa751
-
SSDEEP
98304:m7edekgigunh06Ik9TeoPWZZ5XO9Ah7sd6zUz:egekdhHIkcgW0uFsdKo
Static task
static1
Malware Config
Targets
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Modifies Windows Firewall
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.