General
-
Target
f031bc05f581152d49594a466ea4b652784d24e22e56979107dd91f52017208b
-
Size
4.1MB
-
Sample
220928-s61ffsgdc5
-
MD5
c3786b38e8031f2ffad22c33dd48cab8
-
SHA1
6cf1ed433730b0aa55d1c87d8d457deeaea98f11
-
SHA256
f031bc05f581152d49594a466ea4b652784d24e22e56979107dd91f52017208b
-
SHA512
ea46dda24b9d7b95b98aaa17efabec52c3f398ffa3abfd55b348ceb3834409937bb87b2ac5850924848cfa3e5dfbcaed3ea0e74698c179d01433c1e134a18a88
-
SSDEEP
98304:0Q06pqAyYsytFAts1TNclbelXeqw5vp8xoj0Dj:Z06pqAfsyjAaWeYqw5vpXQP
Static task
static1
Malware Config
Targets
-
-
Target
f031bc05f581152d49594a466ea4b652784d24e22e56979107dd91f52017208b
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-