General
-
Target
d5c2d1072b3a3f0dfcf2d6e61bc317053727f364c1aaa0dab7d8b0bccaa570c4
-
Size
4.1MB
-
Sample
221128-gb7eqsea7y
-
MD5
98d480ed28e2681f442fc021050ffe07
-
SHA1
14ff4540da14f94200f2ed42bdbdfb88a9928fad
-
SHA256
d5c2d1072b3a3f0dfcf2d6e61bc317053727f364c1aaa0dab7d8b0bccaa570c4
-
SHA512
e2b0a30c80eb6f1673a2a8563b51b839eaa72de09dda6292c1b268554b3b83c38a8ce6bccb0d731c77557c351c63409b334bf00f7a3446971db871a6fe446df6
-
SSDEEP
98304:Ju95vJMW+2DhDj/XyqAwzbZTTdNB2aTi3krXC1:Q95vJMAdjR3uaTi33
Static task
static1
Malware Config
Targets
-
-
Target
d5c2d1072b3a3f0dfcf2d6e61bc317053727f364c1aaa0dab7d8b0bccaa570c4
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-