General
Target: 913f481bc56a35d1d75c965e0c9c861e2849f15f563da084f306d8c8810445d1
Size: 4.1MB
Sample: 221007-yj4r9adefj
MD5: c4febd27bfb5726b1ab067cb656a818d
SHA1: c293fdca31161854e8ae7e6d3a1f67c807aa49be
SHA256: 913f481bc56a35d1d75c965e0c9c861e2849f15f563da084f306d8c8810445d1
SHA512: 983e1b5eecd6259beff4004ea22beaa0b9a536c95b3d5026a6d7865ed38891aee844704c968f74d02f4c57827c804434395263530f1fcd2187cebbdc80014e49
SSDEEP: 98304:YvhnaODBMLjopw3fb0Nuf1gCi+0JbYGdMRTTgQ4YQeLnVzoHQk5s4:4ZQopwvOuf1Nz0RYMMOQ4YXLnmHQk5V
Static task
static1
Malware Config
Targets
Target: 913f481bc56a35d1d75c965e0c9c861e2849f15f563da084f306d8c8810445d1
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Modifies Windows Firewall
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.