General
-
Target
5e9ed58d6446fe859d262a5f5611917154e97367c716bd6bc6b0e4bce9926ed8
-
Size
4.1MB
-
Sample
221004-nsawesagd4
-
MD5
86721d336e4043a8934a56b30cd834d3
-
SHA1
78fd4edd90e944bee176765e4f1d4df4dd567769
-
SHA256
5e9ed58d6446fe859d262a5f5611917154e97367c716bd6bc6b0e4bce9926ed8
-
SHA512
f1a69fd92ff3fe92d41b661025542c7a0718e8717be1bfad2951bbcc633d01177826a9f258e845691d4060c8956b3a0fcdd5c6d04e6f2b5447301f807f4c5f56
-
SSDEEP
98304:KNKuJKLcd3/JOhk/Dzb2Wzzaz5xSuBtaVbAL:4hJ53x4kKWPatxAbAL
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-