General
Target: d942ca60434c6717a0d8904821d7ab5d47b2d4c3ba929e05060cecd00f6a4df7
Size: 4.1MB
Sample: 221007-famhhabggn
MD5: 8089c8283105ecda0250a13de053db3b
SHA1: b3a60904cfd79254e962f7e5502d6a11c2972146
SHA256: d942ca60434c6717a0d8904821d7ab5d47b2d4c3ba929e05060cecd00f6a4df7
SHA512: f68d7e95dffc6124dafa8d7f032ed691b792fefc0dfc531dfb893a4acd8653c42302aae418f055c071504cb31727efd953178a528f234a585bbcba9c01b6e07e
SSDEEP: 98304:KmmecDLZHe/6iT8mjNYFzPiVTrKad2FHPt/RsmVcmz4ZxoMk:KLD1H5xmM6ld2FRRimVMk
Static task
static1
Malware Config
Targets
Target: d942ca60434c6717a0d8904821d7ab5d47b2d4c3ba929e05060cecd00f6a4df7
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Modifies Windows Firewall
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.