General
-
Target
d54f96cb7cc0c4c29fd8a9ed2e69b82abde930fb105978b20cec2f4702030ce7
-
Size
4.0MB
-
Sample
220930-x3fzvseeb6
-
MD5
66bbc5ed202747c14e43f4eb57b892b2
-
SHA1
c88e0030c2482c9a676a291096ef466dc8a33878
-
SHA256
d54f96cb7cc0c4c29fd8a9ed2e69b82abde930fb105978b20cec2f4702030ce7
-
SHA512
bdc8d564c058fe3fb0ac53efaada84f03d76d53f9b9ec863898f55ea5f09a5cfa0a658d9a386690dd3482e9e4e1eb576d50e70c9325dbf5d23a7994c984d2dd7
-
SSDEEP
98304:CSAWqlKQxJpSm08jlBk8H6+RRSaQlTI+DwqxsghRuu:/cJxqn8jlZSRlTQqxZRuu
Static task
static1
Malware Config
Targets
-
Target
d54f96cb7cc0c4c29fd8a9ed2e69b82abde930fb105978b20cec2f4702030ce7
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Legitimate hosting services abused for malware hosting/C2