General
-
Target
c64fae724bff3b5bf15b6e4120893125a10c95acb5fd866f50d0152301f1a630
-
Size
4.2MB
-
Sample
220928-e9yt5sfaf3
-
MD5
ea772ec25e6f45a0b80f85496ff861a1
-
SHA1
ff4fa8158d7c3c6480bbe3b8c46e81aee0db6532
-
SHA256
c64fae724bff3b5bf15b6e4120893125a10c95acb5fd866f50d0152301f1a630
-
SHA512
c05ce0fc7dc03d418d3d652a47eef813384d41bf4e250ac9a5ff691a529cd21e6adab72195adc2efbeac40c7cbaae68a66dbde708973ebb0985bdedf325ab49f
-
SSDEEP
98304:ENW25W/u6pKwq1MVxa9nAzKFRt8mWDso68EHVMMInk1Mks4V9lJ78:MWpu6pVqceAGftXWJ68EHKigM7S
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-