General
-
Target
fa3ccaab770c28f1f3d51c2649c7deb71f287f0f064fb82abb471af26c5b7f5d
-
Size
4.1MB
-
Sample
221010-sh2zdacedn
-
MD5
08fe512bdf3c8e13e453a4980d2cf48a
-
SHA1
985d6900ff1a9b00950f6685403e22367bdeeb14
-
SHA256
fa3ccaab770c28f1f3d51c2649c7deb71f287f0f064fb82abb471af26c5b7f5d
-
SHA512
aff012af3cd4d1b6a9202b3b5ab732791ed56633c6d6e945a77f9e025bfb35065130056a2c80fa8f6014cb9891f78cb188905e9b4b8bba5a89e0c1a4c377c426
-
SSDEEP
98304:pL7HjmSOFWZ1+KjRlkYHdvWaaHHQgTWzwNhs18ixF3TF0tQ:R7aQ7jjkaW7nNTWzeW1xhF6Q
Static task
static1
Malware Config
Targets
-
-
Target
fa3ccaab770c28f1f3d51c2649c7deb71f287f0f064fb82abb471af26c5b7f5d
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-