General
Target: 221725df816a7eeebf1f4ad8aee15b1428cce662115d8af886bbc2d5df242841
Size: 4.0MB
Sample: 221001-bkpndsgcbm
MD5: b505bfd6a52e8420f283ac55383e9f74
SHA1: df75b472edd00506e5364bce3b811071f2ceba29
SHA256: 221725df816a7eeebf1f4ad8aee15b1428cce662115d8af886bbc2d5df242841
SHA512: aa033d44dfdc6ab4a99eed7965c4bad314ac070547a78378e39a11d3d96d9464a6d375c8dbb90e92e0ee5b37f0773b48d47da32bce79127918c2aacf74173601
SSDEEP: 98304:rZJQdLPuIco6uV3y/m29KkzELu0+DUGP+KPiqa/:rZJOLPuIfJC/f3zELu0+gi+KPiv
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
Executes dropped EXE
Modifies Windows Firewall
Loads dropped DLL
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.