General
-
Target
ed723d099a7c51e21a9985b09745ad4778b96137ebc47c7df84f4893c17adab8
-
Size
4.2MB
-
Sample
220928-k2kkfagfam
-
MD5
6ff01b2485c1cbfff15f0984b099b500
-
SHA1
19ee5a1112f718cea46940cdb8d71eb615d317a6
-
SHA256
ed723d099a7c51e21a9985b09745ad4778b96137ebc47c7df84f4893c17adab8
-
SHA512
70ec9c13e76a918b7fec1b17d7638a2e7fff7fc07ec1ea8d5405412c5171f67919d70681685274897409f285471c9d338978e35136e250a04f886ad79397405c
-
SSDEEP
98304:1WP1yNi8lWDoR3dKx/cH5Mj8WrjLx/wxRixTC4Hixh4Br3JMsmrp:EP1luWDo1dKYnW1CRi4JD4c99
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-