General
-
Target
d604eca0ca126e745a31998acc8340115f4ca82f0d7d5f74761c39864acfbc56
-
Size
4.0MB
-
Sample
221124-mn6a4agg73
-
MD5
6c3bb85d8a6a45ceefda1f45c47d518d
-
SHA1
62831a17b4c7c5c3d740f8eee23efc1f7f4edf6a
-
SHA256
d604eca0ca126e745a31998acc8340115f4ca82f0d7d5f74761c39864acfbc56
-
SHA512
ed51b3590cd936564d8a7d6c574330d379c782d17238008b7187f4489739a21ce81915d59ba7173ea2e8d202bdeb533a0ad736e65a8cf40872404c0fd0b12b94
-
SSDEEP
98304:Pcqr6k/yug5DoF/HgoKhx2o4EeXyyFvXJfN0oSJOafMqR1UmlY:URnClFcsobHyFvXJf34tkqR1U3
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-