General
-
Target
c57b8f6a95af7407a445f7c8420e054feece701d840837db9cae4ad2c9ee702c
-
Size
4.0MB
-
Sample
220930-t2yxhafagk
-
MD5
0db33395c05111f9cf9e307057ae64d7
-
SHA1
1dfe7934b817f8876a2e729684c6b691590ee228
-
SHA256
c57b8f6a95af7407a445f7c8420e054feece701d840837db9cae4ad2c9ee702c
-
SHA512
18336b66f310f4e553a802163fccee77544dde64d7765681f41f6096e175c1a2643b36037f755a5f855dd92caa0d2a418afe27534d7ca60d42cfa6b489e82048
-
SSDEEP
98304:MNgx7wIB3wrdPJk9o6RBFukcEOJpcLI1f:JdwOGdPJk9o6RBFu5tpzf
Static task
static1
Malware Config
Targets
-
-
Target
c57b8f6a95af7407a445f7c8420e054feece701d840837db9cae4ad2c9ee702c
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-