General
Target: 6cd21e77ebb2d8e2439ddf87bee1495f5b95872444fdc1535273598a58286ded
Size: 4.1MB
Sample: 221005-sxatfafaaj
MD5: 28520a357412c080dcb2d20c8c19b460
SHA1: 7328966f49aca9ae4f205a0d6ed34f4285419e43
SHA256: 6cd21e77ebb2d8e2439ddf87bee1495f5b95872444fdc1535273598a58286ded
SHA512: 15c632aa64cfc4a06550d62e8cb5f6d34ede9dd0ce71f3d8dcc38d2792a8cd845cdd7bc9346777a28ac2099b614d8ca67aad95217c9c6fd51ec4fae9a5392e40
SSDEEP: 98304:Bm0TedbDIY7jrrSTkDa9kFWX7uHJDMlFph4UZ+11QyPx:ssYDIY7jrOTSZl4FjzM9Px
Static task
static1
Malware Config
Targets
Target: 6cd21e77ebb2d8e2439ddf87bee1495f5b95872444fdc1535273598a58286ded
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Modifies Windows Firewall
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.