General
Target: d9ba0c8caaed1fe00c5d48cd9103361d7c559ae52b2e62484a2285fd71640ce5
Size: 4.1MB
Sample: 221011-rwvxjsacbj
MD5: ebb8a02d5fb0f88cb814e292e855e4eb
SHA1: 3ff56deeede73ad2eaa38315c60fd4aa74bee6b4
SHA256: d9ba0c8caaed1fe00c5d48cd9103361d7c559ae52b2e62484a2285fd71640ce5
SHA512: dac773a16d467029b77e49d3d44554b0a0e47be8032cfaaa518e0d45882b3ef55291917fa9fb040321b288c2befda979e6eb260b74aebedfffa1bfca688311de
SSDEEP: 98304:i/tHqSnt5ng0VX7W5QlsKlwU+bGg3i38THZBJMcX/dtLeidcNGia721k+:wHqSt5nZVX7uQlsTnqg3WK5DMm/7qidA
Static task
static1
Malware Config
Targets
Target: d9ba0c8caaed1fe00c5d48cd9103361d7c559ae52b2e62484a2285fd71640ce5
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Modifies Windows Firewall
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.