General
Target: c5ca34c3a5a95af279616cbb0516b5d09d57415256a17069b926760c38eafec3
Size: 4.0MB
Sample: 221002-scm82abfa9
MD5: 55a9504df9520eebca55feef5707db77
SHA1: 1fc848f35b4f58c570ef4dc5edaf0a262c4c2689
SHA256: c5ca34c3a5a95af279616cbb0516b5d09d57415256a17069b926760c38eafec3
SHA512: 005458490d4bd5f60d907d4c8f835ef34bb8338a7b0b0fc65a4f83527b1ce8bd73feab02f3d1395ac03e48383074460f2ecef1009681c69950428490e47af3ee
SSDEEP: 98304:hmhelsGS0NtrZ4ZSNKluW+ekfHkOlo25INWjyqJydFT:M6VHRZpK7+ek/kOPg
Static task: static1
Malware Config
Targets
Target: c5ca34c3a5a95af279616cbb0516b5d09d57415256a17069b926760c38eafec3
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Modifies Windows Firewall
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.