General
Target: 2eccf3d5b8b25cae96b400c5a3f5bf66be5aaa30f9e8f6968b72da8f5cdb7a63
Size: 4.2MB
Sample: 220927-zg85maeeb4
MD5: abae8ad84e0f7e026519cf38bf96a2a0
SHA1: 409a8cbb1686501ef49407e6ed0eb59f125206f0
SHA256: 2eccf3d5b8b25cae96b400c5a3f5bf66be5aaa30f9e8f6968b72da8f5cdb7a63
SHA512: 93642d0789eb4fb141268afb3fcefb3f1ffa144f71c4c52c3d1d28c5310b401668e286e3b78e9a3aebb42bbddfdbf6983bf1667715e619e060493fba4d66254b
SSDEEP: 98304:ClZj7o2loMQCpV7rvBkQr3vw5GMwAl/2T3tqzzYPq:+17dlqC7rysGGMwAl/2reD
Static task
static1
Malware Config
Targets
Suspicious use of NtCreateUserProcessOtherParentProcess
Executes dropped EXE
Modifies Windows Firewall
Loads dropped DLL
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.