General
Target: ae1bdd6b96bb432c3d70542d517966c0c90ade75a17547958f80b997f4760664
Size: 4.0MB
Sample: 221123-j7bn2sgf29
MD5: aba6310aa1ed13d21f8e02bbb7681748
SHA1: 312d5c2c8be60f493bed6b95f1a4d00580e3b590
SHA256: ae1bdd6b96bb432c3d70542d517966c0c90ade75a17547958f80b997f4760664
SHA512: 1ced0395a3983d70d4ef1aa944dc0cd72d1d018c66777e681846256c922e09cd50741c726244ec978cb4f2a201b73e621b63710d707fe2de915d7f774d79f258
SSDEEP: 98304:Kv3EAAS3jwL8awyyNSbRf1CEf0Wgh3ptahHcJbH0:KMAAS0L8ZWbTby3mFubU
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-