General
-
Target
0d64b03cc6711f44fae99c2f2c88add3315b92a2b69904a0d51f7f873c15c936
-
Size
4.0MB
-
Sample
221123-y16m6sbf48
-
MD5
047528c674580c68449df05183c3df9f
-
SHA1
f9faf8edecbf71dc108b709f8183bf677a4a9a32
-
SHA256
0d64b03cc6711f44fae99c2f2c88add3315b92a2b69904a0d51f7f873c15c936
-
SHA512
7a0b902c43925e63bf65ec94d4ae00953fba054153a7a60142672e767f17076f73ed7f6de2e3af8084ca32aaa507b4ec07700a188e412ba0019b17ee0095498a
-
SSDEEP
98304:Wyf79moIwgrgn+mqXQVLpMdMp1b+ToU1W:WO9EwwmqXQV9MdM7+TG
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-