General
-
Target
ce6cc130db9386dad0c80b5f84e8865f9378a6e55cce9f81f39288448c2cbc46
-
Size
4.1MB
-
Sample
221008-qyywjsehep
-
MD5
deb1d1f6481417b9a9b16bedba540734
-
SHA1
9a9f502a321b32c9554ff4f60d27427d086a7407
-
SHA256
ce6cc130db9386dad0c80b5f84e8865f9378a6e55cce9f81f39288448c2cbc46
-
SHA512
25507047d08f2cb1a61c5f463441ee66901b670aa88455b726512a4d6bb282a028324f1d68a6ae6034edece7a9f4440f34d06a95edc7c731794c61f156cbbb15
-
SSDEEP
98304:hxVq6raYS0RgXQp2hOpKNw3i1inwJGwpiv0yiMgNiObd+Cm1o:ZvraYS0w9OpmwS1iTWMuiObP
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-