General
-
Target
ea95234e9a60313007d7b9bcbd83ff90515ac9059a3106967b931fce83bfebcc
-
Size
4.0MB
-
Sample
221006-p1pvzshfcp
-
MD5
5746aa0b23854f087b5d9afe8727c03b
-
SHA1
494eacd7482616ce7542915b32f86d4d7378dd80
-
SHA256
ea95234e9a60313007d7b9bcbd83ff90515ac9059a3106967b931fce83bfebcc
-
SHA512
46fcf53a3c267bc325b8dc07eae80488379ce5d95c59cb1b256d877d3690b5032da88576623509b7d034e619194c8aa12add3e36016e0e78fb43f225e1711d29
-
SSDEEP
98304:W/ac2q4sVl0Nx/mpVaU0ZY/A+B8imyys33/B8DJDtkXxu1dfclXb:W/aQ4sV+z+3iY/Hmyyopg6sLU1
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-