General
-
Target
8f0d32fe42ebee8b973fbbdd09abec0769b7937876f4ee3f78ef6883d3a0392d
-
Size
4.1MB
-
Sample
221007-wnjlrsdae5
-
MD5
466e2425ce19fbd0b8be1df37d6bef10
-
SHA1
3541a127df215164ed52efb0f240288814177611
-
SHA256
8f0d32fe42ebee8b973fbbdd09abec0769b7937876f4ee3f78ef6883d3a0392d
-
SHA512
4ac533631f860282d449a553a38fde8a46f8fd0206e47005cdeb13dfef9a73dd66bf5035729f75fd3729fff82720d3cd6e22a5c7ece23bb50d2050887f6e7e0f
-
SSDEEP
98304:nQOcsmXDT7pti73eSUVAIzslpDcOHVth1huHFjtn7rioP:lZmTnptYtUeIzApD1tTgHFvP
Static task
static1
Malware Config
Targets
-
-
Target
8f0d32fe42ebee8b973fbbdd09abec0769b7937876f4ee3f78ef6883d3a0392d
-
Size
4.1MB
-
MD5
466e2425ce19fbd0b8be1df37d6bef10
-
SHA1
3541a127df215164ed52efb0f240288814177611
-
SHA256
8f0d32fe42ebee8b973fbbdd09abec0769b7937876f4ee3f78ef6883d3a0392d
-
SHA512
4ac533631f860282d449a553a38fde8a46f8fd0206e47005cdeb13dfef9a73dd66bf5035729f75fd3729fff82720d3cd6e22a5c7ece23bb50d2050887f6e7e0f
-
SSDEEP
98304:nQOcsmXDT7pti73eSUVAIzslpDcOHVth1huHFjtn7rioP:lZmTnptYtUeIzApD1tTgHFvP
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-