General
-
Target
05f0e11ca04c29281bc7709c8f5e19d93a66b70656652fd81de1fc5409ebf660
-
Size
4.0MB
-
Sample
221124-l9ke3sfg86
-
MD5
16e74db3aa8de93d2a2d2b04e182e156
-
SHA1
617af05017fe4b28977467f3002c0f42748555dd
-
SHA256
05f0e11ca04c29281bc7709c8f5e19d93a66b70656652fd81de1fc5409ebf660
-
SHA512
713ae9631f3b57ad904fe749818f69a6410c4e3a3d0f7b2fc0e7ddd3ec84f2571a663ffc7878a84bcb27373fef61fd3b0e8a9f71fe89aff97a0da7e25b8b9e74
-
SSDEEP
98304:7LOzqRfH857B/dopHWuymxrlATMhhP7E28bgF9R:7UqRH8vFO8ml8EhDfI4H
Static task
static1
Malware Config
Targets
-
-
Target
05f0e11ca04c29281bc7709c8f5e19d93a66b70656652fd81de1fc5409ebf660
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-