General
-
Target
b48f6b1f1221ea509af97e63f65cf2682b1d4c5febed5f9cb1170bb189202bc0
-
Size
4.1MB
-
Sample
221128-3xht6ace35
-
MD5
987c99384e30e691a92a238034372627
-
SHA1
c4760a41859f651e5fa3d8fc3357fef61a450980
-
SHA256
b48f6b1f1221ea509af97e63f65cf2682b1d4c5febed5f9cb1170bb189202bc0
-
SHA512
d22fd13920a73d88991695ba4434ff726f5d5b2431622e284370445658306e8f86a27a9cba4fce4cf519597c701ae44ffe550b6515a4c64d5de0a648912d86f5
-
SSDEEP
98304:2Xs80Mp6rUwkN0Y6BmEUBK1UIACWBrZNRsCUBstCv/dfc8zPQT:2Xs8HX6YZET2IARBdNRIBp/df9Y
Static task
static1
Malware Config
Targets
-
-
Target
b48f6b1f1221ea509af97e63f65cf2682b1d4c5febed5f9cb1170bb189202bc0
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-