General
-
Target
329dced78cefd2d9248ca0ca152bbab9b3d3960a364c29006734456aeff6dcf2
-
Size
4.1MB
-
Sample
221128-vq4t2sfc8t
-
MD5
c464e274139168d7bfae95efca282d35
-
SHA1
b515ac098d959a5b0ccab49e612311eccbe89759
-
SHA256
329dced78cefd2d9248ca0ca152bbab9b3d3960a364c29006734456aeff6dcf2
-
SHA512
e9e168684c5f4ec5498d92213177e039539b2c19acec4a9257c74e2afe90545efd0ac05eb6e1003879af5598674e408ab08e682a3c60fd3ebc72c823bc31d17c
-
SSDEEP
98304:i46DDV2dO19M5fEcGk+aSr4oe8Oru22gnmiqr51QOSJucVUuSD7a:i4yDV2dO/zcS4D8t2Bnmi2LcVUucO
Static task
static1
Malware Config
Targets
-
-
Target
329dced78cefd2d9248ca0ca152bbab9b3d3960a364c29006734456aeff6dcf2
-
Size
4.1MB
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-