General
-
Target
0ed42eab44512ff11f6fc9d32403cea2714269c0428965e3a38d0ba59d976b91
-
Size
4.1MB
-
Sample
220928-3lnw2aadgk
-
MD5
bd2857f49004cfc36db6efdb4558dd30
-
SHA1
e99a5c92384d704b0406a7aa0ab4854bd3c61435
-
SHA256
0ed42eab44512ff11f6fc9d32403cea2714269c0428965e3a38d0ba59d976b91
-
SHA512
bbc36e80f05505e071cc2e4dab324a3c6c1b44b22fe238662f232118bf1d5366e367b901108a099ebf5f191412dd9988b8b34a409b98f17bf8661e8ecd89a1c8
-
SSDEEP
98304:U34VUaueXBpdAgdOSHg2X/pLvlj95vLNVg:WZarxpdMO/Bf5Ry
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-