General
Target: e153ed219905896fcfe3499dd1e3bdc5b803e36834a85a4d72695f142f149713
Size: 4.1MB
Sample: 221007-3pc9psdgg5
MD5: 86ac58bc82f92626a2d52943041ec924
SHA1: 0fe0dfbf022ef1b4044f2a92d094642ee85569a5
SHA256: e153ed219905896fcfe3499dd1e3bdc5b803e36834a85a4d72695f142f149713
SHA512: 3feb8f4a722157f7dabe1e6189a441c892ab2a4ecda997ac569aa08483482b33bf583d58f8da73703b2bcbeb194e65534af6222ca22c44a21ac85ae06401224c
SSDEEP: 98304:rlj3QrW0EheEbXvx2OvzzZWegkePilRVb9RQIAjTV0sqHGgM:BjhbXvxLvfgeLePilRd9REH0M
Static task
static1
Malware Config
Targets
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Modifies Windows Firewall
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.