General
-
Target
b0323870ad6c201fa003924c17479137e8a166bb095a8d8ae403b3d26d560e5d
-
Size
4.0MB
-
Sample
221125-ws1e3sdh76
-
MD5
c9e8e0b7d43e007001360a63f3cfd86d
-
SHA1
033453ce401d8162b1e4308e58df1341b1e1a03b
-
SHA256
b0323870ad6c201fa003924c17479137e8a166bb095a8d8ae403b3d26d560e5d
-
SHA512
fed4572dfe69f84d19ea36a18e6c6ee2ab44a3329f7e2847bb6c3a98dce27f59f3a76c26c8ec928d72c18d755bd33b5a4a744dc361620f8402c1bbc78969dc9b
-
SSDEEP
98304:hi4kWcuXevtFG2AV+RiSTNzn14gLu0I4AO6jP:hi4kWB13V+Jz1tu/q6z
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-