General
Target: 10497d7389e0019c86c4af9609b06470f56017e4494dbeada0ab897b353e5fff
Size: 4.1MB
Sample: 221128-w93lrsga98
MD5: 55484d94925928747e50581241335ca8
SHA1: 6f59be96ebd9070309fedbb8a9ec6801d5e689f9
SHA256: 10497d7389e0019c86c4af9609b06470f56017e4494dbeada0ab897b353e5fff
SHA512: 5c22ae66afb1e4bbc878e50fac496b4dd6b17ffa5f5bd4ae31060e27a2b61856ebde3dc3c651ba8715dbed633800eb8dfdb7c71a90bd97072b01f211ce093b47
SSDEEP: 98304:/dlbaf39GDidRXU8P5s6cPsCmSQheGmF88dgZdOyyKTaVFxZCnD7m:/d5asGLXU8Oxkn888dEdOyyt3vCDy
Static task
static1
Malware Config
Targets
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Modifies Windows Firewall
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.