General
-
Target
705865ee06adbfd54b8e61c96ea62a577f914fad5b34cf694471f695324e7c58
-
Size
4.1MB
-
Sample
220929-e39cashge4
-
MD5
b5cbb5e44525277d1c4afaef73ff9054
-
SHA1
6de2a997d1854c1311197274fe54247eccdf6c60
-
SHA256
705865ee06adbfd54b8e61c96ea62a577f914fad5b34cf694471f695324e7c58
-
SHA512
b4a6b71bb227dbc0d89075e054c59418ff9ff05df572a3098a505b2b3314b7e8b3fb1e868907bc6ee6292a47bb8d1dc775554d2158de8221310f93878c8b4942
-
SSDEEP
98304:31XFW7vBw8YO/xYJ0y1A2b35WYDHWNpEEKj1ddU6C1:FXuBw8YYM0sb3kc+pEZbY
Static task
static1
Malware Config
Targets
-
Target
705865ee06adbfd54b8e61c96ea62a577f914fad5b34cf694471f695324e7c58
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-