General
Target: c6b5b1d59a2ec9cca2fda1db266ad256150fddfbb739380e34b29fb730a4cab6
Size: 4.1MB
Sample: 221007-amltvabdcp
MD5: 9686bce9af67a1a18a1760476c9fecaf
SHA1: e46648b25d79c9e1ed91a2fa20310952ff80de77
SHA256: c6b5b1d59a2ec9cca2fda1db266ad256150fddfbb739380e34b29fb730a4cab6
SHA512: 3ae63a0b5ba6e53a4437de029e8ca0e340ac520246eb6fd770d3fa75b7b2a0706f790e698aac4ed4c72ddcd2cf903c9fa6f69e377e0ee0c5cbbe606d5fc90c63
SSDEEP: 98304:XTwQ77Q8isIkpsQDhaEpdC9e8KnkLLXUWc5sGNOgrJw7:F7Q8mkiGhgxKnmTUWcuGNOgVw7
Static task
static1
Malware Config
Targets
Target: c6b5b1d59a2ec9cca2fda1db266ad256150fddfbb739380e34b29fb730a4cab6
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Modifies Windows Firewall
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.