General
Target: 5aee3ffcb9202d8075da37d3d75e0eea75c3416478d958992656ef68e864c394
Size: 4.0MB
Sample: 221126-1mqqxabc6z
MD5: a64e9c241a3b04deff3ba63ef7502ecb
SHA1: 5bbdd6eff67cf4c805b7610e907f4ec6baef7052
SHA256: 5aee3ffcb9202d8075da37d3d75e0eea75c3416478d958992656ef68e864c394
SHA512: 9f779b3047dd57fa458605f26e08d02de2aeff34dfb27f051c5e4c8b4d1177cb2ad186f88735c1d950635381d6546b76ca9ccd8dec06eaeab569e6a0af07d61a
SSDEEP: 98304:ogYsKhJhrDIWqFTae4uXVZwuLW3i5Q4sEGtrHInr:oQKhJJ8WwTae4Ywu9xsX0nr
Static task
static1
Malware Config
Targets
Target: 5aee3ffcb9202d8075da37d3d75e0eea75c3416478d958992656ef68e864c394
Suspicious use of NtCreateUserProcessOtherParentProcess
Executes dropped EXE
Modifies Windows Firewall
Adds Run key to start application
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.