General
- Target: 0d56e6931f64322796611eb28460a9685c8390b46bd3c69dbadc3a7f4fa2f1d4
- Size: 4.1MB
- Sample: 220928-xf2ytaggf9
- MD5: 68cc0ec318f10cde6f7089db776ba553
- SHA1: 343c487a09e3bc9031bf145a04527b77ab4dc960
- SHA256: 0d56e6931f64322796611eb28460a9685c8390b46bd3c69dbadc3a7f4fa2f1d4
- SHA512: 2b8ec707db7ea71a6c5993d56a3a1a56f3d9fd4c2193caa212df4bcdfe38d0aa001d0c6964b5e258d08a6006a80718bbe23d863af9e52456b05d81f49521ba94
- SSDEEP: 98304:k9KBwUCYB69eZqD1NQNJYIqzECChJySdioMZi3OX0QPOx5KGM4S2:cKB1ryeZqDnKC5ACChJV3MZSOrPO3KhW
Static task
static1
Malware Config
Targets
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Modifies Windows Firewall
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.