General
-
Target
03dd8b16f11ec134e2fe0ed33dc2694f28e33f544970bac25a43d871f1e4ec7c
-
Size
4.1MB
-
Sample
221004-yg7fcsccd2
-
MD5
84cda9398cdf366718b860cde77cba83
-
SHA1
88c6f1ad9cf2c4033a5a09c47536a9d36b541e27
-
SHA256
03dd8b16f11ec134e2fe0ed33dc2694f28e33f544970bac25a43d871f1e4ec7c
-
SHA512
f0ac628d3b26910407f2f29885f0bb46082db9772d0315b1a268824618435f24fe67abee3ab963182896ef958843a0b8efe9fa1c9843100f846aae0b3ae80026
-
SSDEEP
98304:HzxqG1SKmYd/2qZKw/env6faT3uP9cVXQqxxnxFi0H:TxqG1StYduqZKw/enS2BxtH
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-