General
-
Target
8a32b280afcb4a5a1590d84f6ba38e105074298e3f21fb85272d51cb307e168b
-
Size
4.1MB
-
Sample
221004-tdgcjsbde4
-
MD5
9a7c11fb7d08c03186456ec5c3c3e265
-
SHA1
1b6167d0d006fc21912eae0ada689b262c650386
-
SHA256
8a32b280afcb4a5a1590d84f6ba38e105074298e3f21fb85272d51cb307e168b
-
SHA512
6ac6b3d6f238dd753e0aec45f269d91095456f59ae9d65dcf3b3a2540aa36f924200ecc0f469e316d508cda988d52803955c4a31bdb15fe77c2a137f1ad5ad25
-
SSDEEP
98304:9y4n2JD9x0ozAA+txAGdxS9txkPMa6aWNOVoVEX37d4rr:Bn2JDgyAdx7WU6aWIVocd4rr
Static task
static1
Malware Config
Targets
-
-
Target
8a32b280afcb4a5a1590d84f6ba38e105074298e3f21fb85272d51cb307e168b
-
Size
4.1MB
-
MD5
9a7c11fb7d08c03186456ec5c3c3e265
-
SHA1
1b6167d0d006fc21912eae0ada689b262c650386
-
SHA256
8a32b280afcb4a5a1590d84f6ba38e105074298e3f21fb85272d51cb307e168b
-
SHA512
6ac6b3d6f238dd753e0aec45f269d91095456f59ae9d65dcf3b3a2540aa36f924200ecc0f469e316d508cda988d52803955c4a31bdb15fe77c2a137f1ad5ad25
-
SSDEEP
98304:9y4n2JD9x0ozAA+txAGdxS9txkPMa6aWNOVoVEX37d4rr:Bn2JDgyAdx7WU6aWIVocd4rr
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-