General
-
Target
900955926f1aa18b8de760c2f9d6b309c85643028849e027986006dbd6517998
-
Size
4.0MB
-
Sample
221125-mrvzjaef7t
-
MD5
7beac59682a9f007f2ed2fb50428e782
-
SHA1
44d60011caaa1ecd27fa66507f0ac260e449c5b8
-
SHA256
900955926f1aa18b8de760c2f9d6b309c85643028849e027986006dbd6517998
-
SHA512
b90251db3a8d4616e8dd00308b527d0dd7bed7a0d62236b32dff8c7351b8416cb49565f1975f627b94f129ea93e1d728892f39da666f9490f7c14c89fdeb6778
-
SSDEEP
98304:uJyTdROahEuR+F6G6iB7GoazMQy/cddAUuze7k9fGcwLLJytTF:uJyxtbR86u7t/c6tdkdmTF
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-