General
-
Target
d163942e2f971c14a1bf362fc4406c873946d46782cb91c2e8dbfbbd45c49ad6
-
Size
4.1MB
-
Sample
220929-jtll4abbfp
-
MD5
c0935e3044b216a342b8749923681c13
-
SHA1
4403f6a5787554a0ae91a47450aba6222b29b46e
-
SHA256
d163942e2f971c14a1bf362fc4406c873946d46782cb91c2e8dbfbbd45c49ad6
-
SHA512
afecb7b11da78e5585fe7605c8321f445a27e2830347fcd8c5777ad8c5113e54f5c379a9fd2da287533175bae04f8b8e316339b9090779fb86c12e2266275fac
-
SSDEEP
98304:xGJmyWzVUrCRGv/zx2UT/UxFwxIGGijiQFakviz6okjW2:sJmyzPUxFwxrviOo2n
Static task
static1
Malware Config
Targets
Target
d163942e2f971c14a1bf362fc4406c873946d46782cb91c2e8dbfbbd45c49ad6
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-