General
-
Target
74d478e0e2a6b8e5bb75d912cf1f368e8a02c529d42188ca02a2584bd7d49cd7
-
Size
4.1MB
-
Sample
221008-t1cymsfac2
-
MD5
0687f86fe6fe9f69bb9463feac238794
-
SHA1
6b3cd07a8f6c6b700d5c95d3ad356bbbd45f46e4
-
SHA256
74d478e0e2a6b8e5bb75d912cf1f368e8a02c529d42188ca02a2584bd7d49cd7
-
SHA512
0f58115384f8aaba9489e8a584909a39072f1de03e3e472a8f548cdf9f16a43bddce14f3387f194931c620fcd6224b5864cb71402495d156f0749b07ae3e9b58
-
SSDEEP
98304:cqBIl7aLbuCSom9o2pziWyhwPYxNlrr/scyw4bp:zc72uhogTziKAHlnyXp
Static task
static1
Malware Config
Targets
-
-
Target
74d478e0e2a6b8e5bb75d912cf1f368e8a02c529d42188ca02a2584bd7d49cd7
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-