General
-
Target
1dbd30bc532635bfa4df57196eafa464ac25d82864ae0d12eab88561ccbfa523
-
Size
4.1MB
-
Sample
221128-qlzx3sbd3w
-
MD5
0ede99653c67ad8acd1ec26ec4923d81
-
SHA1
702628a51bb75db5b1265377d8941daf555b2937
-
SHA256
1dbd30bc532635bfa4df57196eafa464ac25d82864ae0d12eab88561ccbfa523
-
SHA512
ec25186be55485aa65ef85deae390e02a708c075f5d2bb86de3fe17fcecb0592455b74ac0d830cf3b24cbb34b1993a90cef472edcaea733a64a1601825276280
-
SSDEEP
98304:wX8YhnDsL7UpScVkQScSy4V0IdczPV1a+LgUVvZjlIK9zAEzAoHFAIXr8VyVcktL:wX8uDGY5iQKyRJP5LJjOKSEzAqBXray7
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-