General
-
Target
91a26eebf206a60f007ff5ef741bbb0c320e85e04b6fb8d9614754f3ff3a1d1e
-
Size
4.1MB
-
Sample
220928-pjnllafgh2
-
MD5
6d269f4cda0d58eb0529d0b55987149b
-
SHA1
43ad1342155648a735c8d490ca19ce72e03336ca
-
SHA256
91a26eebf206a60f007ff5ef741bbb0c320e85e04b6fb8d9614754f3ff3a1d1e
-
SHA512
1006c2646fe6b3fd69feb7dbb76ad791dcb4335180cf483aab02835545b42c104ff86983a4d3970b1556366679368a52be6a73e94b48a0ba8729c9f763dfd2c7
-
SSDEEP
98304:7EqtIc+FHIHoc33fo6LQu/PilF56sxcEj6TPtSAvh02fkf1D:4Lc+Sfo6LbPil+s9jwPtSAZ02fy1
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-