General
Target: 4361fca44cb330a78e983c2433fb754132ed3e7bd2c40555bc81c9f22b91c31f
Size: 4.0MB
Sample: 221124-xm4e8aga6z
MD5: 84240051edce7e81c163e4e0460583f8
SHA1: 2b69efeb4380b0a8a3b2e337a40b5a5fef6077da
SHA256: 4361fca44cb330a78e983c2433fb754132ed3e7bd2c40555bc81c9f22b91c31f
SHA512: e23bcc9a05e44d0a90297a37540354c4dbcc01cacdc0a7c45c6231ee9e1e527f6bab1cad0d38dd2dee7d189e4599c16fae4018c6ab2469417d3062c825dc9fc8
SSDEEP: 98304:/E7oXhxLjlAWkub4Df6n/m1NVXgoY6np9QF+MyktbvqQ9PnRme:/E7oX5ApuUR1N5jY6ngF+M31JUe
Static task
static1
Malware Config
Targets
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Modifies Windows Firewall
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.