General
Target: 5b8175ee72c014971c9ca253ec539df1333d9b84193dc8fe780644fbc9e30d7e
Size: 4.2MB
Sample: 220927-pjzc4addg5
MD5: d2d0d3b85ac128d96d03e531403a1774
SHA1: 3158f40ef2cb1f3c54d2cdfa3ec3fffca95b3a3f
SHA256: 5b8175ee72c014971c9ca253ec539df1333d9b84193dc8fe780644fbc9e30d7e
SHA512: 924e5fffa8fd9550e06b6dd9b818cf4b7f22df83f32dadc03a98e9fb0887ca33a38f1a561e17869d2832b77d6a7bed2740367f66368628f0ba2d35c4732d0aa5
SSDEEP: 98304:nvtk+77lRew9Yn0BLqFij+T41OvvchWlXzLSP6PQm++9t1xq7n:vFHlRZGlFij+81inJfQwt1xqz
Static task
static1
Malware Config
Targets
-
-
Target
5b8175ee72c014971c9ca253ec539df1333d9b84193dc8fe780644fbc9e30d7e
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Modifies Windows Firewall
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.