General
-
Target
66c9aba7610efcfc57f11b78205c1b948e0b162c676c55487bda22519640bfa5
-
Size
4.0MB
-
Sample
221123-wl5q8afc8s
-
MD5
4a0d1e77ee70c68ae752f882c18c67c2
-
SHA1
06de9797f3211ea3aeb4c3a82959e91ee4a5cca8
-
SHA256
66c9aba7610efcfc57f11b78205c1b948e0b162c676c55487bda22519640bfa5
-
SHA512
2b37587bdab9f3ecaf29e134352d1bd060a7bfdff83d3f6873320329a22ce6bef753f97e23e4d369d62353e384839a41989f337ce1c3f33bbdad7477522008e7
-
SSDEEP
98304:6rQWNhnRlUbmDbN2XC8/RRvfEk7hNXr+kDYfx0nH9CCmoVm:6sU90bmDJQC2R2sNSxyd5u
Static task
static1
Malware Config
Targets
-
-
Target
66c9aba7610efcfc57f11b78205c1b948e0b162c676c55487bda22519640bfa5
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-