General
-
Target
3b48c63684f4d02c772fea2354b1503dcabb97917ff3fc33b2abb31e39231e36
-
Size
4.0MB
-
Sample
221126-v4pbhsbg36
-
MD5
e4576df59853fcbdabd419702d680ee2
-
SHA1
5d900fe987f125b9ac11c0228fcdc36940d83a4e
-
SHA256
3b48c63684f4d02c772fea2354b1503dcabb97917ff3fc33b2abb31e39231e36
-
SHA512
8bdbb24e130ad42b9d144894660855c6ac08b135738e22bc4b98dc9329c8c390e07fc84d4809523eb980b46ecc4308114a83f9b2450fd01f2a932aa661cd836f
-
SSDEEP
98304:v2U4WkBTpP/ywB+5DVywNsrTrSnEA3A/W0kYOkq3aJlk:va3BBaw85D8wQut37/dn38k
Static task
static1
Malware Config
Targets
-
-
Target
3b48c63684f4d02c772fea2354b1503dcabb97917ff3fc33b2abb31e39231e36
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-