General
Target: 52b95b987569ae9925c70a6a68d61f808dcc118c0c7a3a25e5c1cc1b2c7cdddc
Size: 4.1MB
Sample: 221004-qnv2xabae9
MD5: 7246b028315c5db5c5ccbae8d6205e4a
SHA1: e0f4adba4992042e628f5a016e4cd41209a199a6
SHA256: 52b95b987569ae9925c70a6a68d61f808dcc118c0c7a3a25e5c1cc1b2c7cdddc
SHA512: c2cb99dd10f5a88f65a685f6fe32d87a516e37c8a07e531cc06ffcedd588b65611d58f1e57f6e1ddf7b0cdaf6427cb9ca44b98bd486a98f65c6122f1b2b51d4d
SSDEEP: 98304:T2eGQSE9GEuJJ/RKgLKejI9MVZJmWtvAzN6TclWzeysT9+E:60puJVRKghgW5AzY8ryJE
Static task
static1
Malware Config
Targets
Suspicious use of NtCreateUserProcessOtherParentProcess
Executes dropped EXE
Modifies Windows Firewall
Loads dropped DLL
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.