General
-
Target
e9675059ad84cfb6c6e68f566e641fb83545257693f9075bb0c7c0909d0104f6
-
Size
4.0MB
-
Sample
221003-x94dqscfh5
-
MD5
ef1a8e3ec042886e1add8adbccf8170c
-
SHA1
8181cbebfd295ede113d700032ec2e52531e2c04
-
SHA256
e9675059ad84cfb6c6e68f566e641fb83545257693f9075bb0c7c0909d0104f6
-
SHA512
82cff937f9e0b4560fb5f8d650922a398fd079a8f7a421ff3301066cf405d016af518ad21e11cd4e3413723c86165dd62db47fe713f6e5a0f422dd036fdf03ba
-
SSDEEP
98304:/WuYkb1N7MnxnaxcPhMd8VO1VACRCF+eY2I2eRA4la4QF65Mi:uuYwMn5axP8VOXFCF+Z2I2C8F67
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-