General
-
Target
cd8315921b38bcc7bd6d9aa904d2a3ed0a97b8819763783b7f2eb457195de243
-
Size
4.0MB
-
Sample
220930-2expxsgaep
-
MD5
bc1c718490df07a63bd4f5690c321cea
-
SHA1
5cb51134b09eed03082199378a2e83c612b25c26
-
SHA256
cd8315921b38bcc7bd6d9aa904d2a3ed0a97b8819763783b7f2eb457195de243
-
SHA512
f47a912f9a0461d0cc382dbe31f3f5fb30d40d01220cc7ede040683cc7fcefc4063fe1d7e1aababb094eb8262306e69352b916fb009bd5b2f3f501c10536ffc5
-
SSDEEP
98304:6rP/tGi/H0XIDCa3ltvSyBdUszkFvBW1iq2eMhLSzyaRuErG/ZUb:6b/sirP3rzBissvB+inRhmze7/ZK
Static task
static1
Malware Config
Targets
-
-
Target
cd8315921b38bcc7bd6d9aa904d2a3ed0a97b8819763783b7f2eb457195de243
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-