General
Target: 9b157f5e016e4d4c2056d1b8a60c4836cb3ac71508f89d41a851910646089bf3
Size: 4.0MB
Sample: 221003-lyfmrahdep
MD5: 926dd88e2637176c42eb8d48df9fd8c0
SHA1: 467f93bfff3465ea9bc2c306c828a3957bf6ed31
SHA256: 9b157f5e016e4d4c2056d1b8a60c4836cb3ac71508f89d41a851910646089bf3
SHA512: 093a24046ad074ca19b8200f429eda9a6399b71fdf1591c92d53d2d379fe6b423548a2c6c214dce611d503c89725fb9c950900f98601422a852176354b7eb715
SSDEEP: 98304:2cqUMjXw0rJa6GRa6FLAnvjCb+ZCBcjumNLt1:2czqc6ua/nvjCbmTzNLj
Static task
static1
Malware Config
Targets
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Modifies Windows Firewall
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.