General
Target: 343c36cd30f8c45eda6b9b57ec3ab277a2680bfee574d56f08ebeadc35e2d48a
Size: 4.0MB
Sample: 220930-nlt1qaecgr
MD5: 5fe3faee45acdeb4de77744e41487d31
SHA1: 22104a78881c3babdad8cb15c6d31b47d204aafb
SHA256: 343c36cd30f8c45eda6b9b57ec3ab277a2680bfee574d56f08ebeadc35e2d48a
SHA512: bda615a4838069470b943f3fc6d4ffcdbfec7e3d3205c9e69f695075b1adf7c75ad9c1d6b64e5abc1518ef8d32c4d65bb408daa70516f3931b5831721832aecc
SSDEEP: 98304:u0XtUl0XYdjrdCQlP3fS1IpbAv7FXOd6Nwvst0X:PXal1rIdCb8hSg0X
Static task
static1
Malware Config
Targets
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Modifies Windows Firewall
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.