General
Target: ef4c2d1b5fb0bfbf6500da0ba0928413a367f44e09f1b2220d6bedbe1232b74e
Size: 4.1MB
Sample: 221008-al4y2adhb6
MD5: 629791977f0db67b69c311763364bc19
SHA1: dbf50088c99df8619c5f3445e6bcee482423adb5
SHA256: ef4c2d1b5fb0bfbf6500da0ba0928413a367f44e09f1b2220d6bedbe1232b74e
SHA512: 76464d528610861ead146f665cdb19eea8b59cf993c13b6ad4c5da982eb3eb8d23d895411c03728718dbf378e0cfdf1da8ac694002653eb2ca4daf3266ebd2ea
SSDEEP: 98304:Y8+4l7TOYVTsDHl9+gx0eguuMRRh5OSmioUfUUSG8rJTgqQmBa7:5V7TXBiPZukD5tYlkoa7
Static task: static1
Malware Config
Targets
Target: ef4c2d1b5fb0bfbf6500da0ba0928413a367f44e09f1b2220d6bedbe1232b74e
Suspicious use of NtCreateUserProcessOtherParentProcess
Executes dropped EXE
Modifies Windows Firewall
Loads dropped DLL
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.