General
-
Target
53f0f52a929d374921b45f647b9ef3ef4b11ef385f53a6ca183a487c182f72ca
-
Size
4.0MB
-
Sample
221124-qv4mmabd3v
-
MD5
3d0ff6ff9301285433ec410830b92f49
-
SHA1
33bd39dc5bea8cfb7ca0256090c2a4b682fc6a98
-
SHA256
53f0f52a929d374921b45f647b9ef3ef4b11ef385f53a6ca183a487c182f72ca
-
SHA512
03c42f6a6e96825a96fa93651b9f6a5f26aceaa206fbd357345530b1f70d69c86f9d465db1635bdd150e1743c4923cc12495519fba80057d323b9d346fbd695c
-
SSDEEP
98304:iWfIhzeVumsbVuOn7SkqmAIhvpuUk6fFRWtkzK:dwhzks5uOnzAIhvpuUkqFRpu
Static task
static1
Malware Config
Targets
-
Target
53f0f52a929d374921b45f647b9ef3ef4b11ef385f53a6ca183a487c182f72ca
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-