General
-
Target
3669a9b1408dcc89ab1524fe3093df4ca018d4eda9a4c3bd18627f47d25ac469
-
Size
4.1MB
-
Sample
221007-qtlqescggr
-
MD5
d2c4d344c73db3d504cc6c78789ba396
-
SHA1
353969ede0c057d93bef1050d4669c220e9613e3
-
SHA256
3669a9b1408dcc89ab1524fe3093df4ca018d4eda9a4c3bd18627f47d25ac469
-
SHA512
d45ad08b86289fec5b928a611fdb19f86c331d46ec5a7a924e9f97e78e2ae055fd6a10cf8115b7cc3762bcff2a6ac2f0ab04409e43f3cb79aae04f389d1ae05a
-
SSDEEP
49152:dnpCgjiaqzJpHt/RVsXma1jpd8G+aAQ3ZEp5gGgTsc0hl5oSdU5iuf4UcB6EdyoN:dDmaqNpmm+H8YAQs+fWl5dUcBQhp+br
Static task
static1
Malware Config
Targets
-
Target
3669a9b1408dcc89ab1524fe3093df4ca018d4eda9a4c3bd18627f47d25ac469
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-