General
-
Target
5ddbc68fc975f61df3f51c01852219f88535051c25137521beab8b6e89012d3e
-
Size
4.0MB
-
Sample
221127-ljrfpsbd5s
-
MD5
01e4470f214e1dff69c6c7573cbb9c12
-
SHA1
2c4e3c4774b67a6cfa1952c531769de404003397
-
SHA256
5ddbc68fc975f61df3f51c01852219f88535051c25137521beab8b6e89012d3e
-
SHA512
7d1ecc5d7750517c457fe6c2d41562e1facbf7a78880145700400827826f3e20514098f9052b43e816c444bc6626eecbc53248d6682f1087efbca7ac91744a9b
-
SSDEEP
98304:BhCnnXJZIgf+YQIyflbuMzePIO/d4fFZpxSRf47+g:BwAgGhPlnzeIwd4tBSBm
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-