General
-
Target
94b32569f024824f33b7de4b47b3adc3ec689d81a0805428daee2a3972da87a2
-
Size
4.1MB
-
Sample
221128-w9xqhsga87
-
MD5
64421f1521c8a6702bc48fa1109d0f0c
-
SHA1
65f7ed2d1ab7eeba54994ff5d5e9f1a6ebc28988
-
SHA256
94b32569f024824f33b7de4b47b3adc3ec689d81a0805428daee2a3972da87a2
-
SHA512
7b83930cd9cfbdb2b10a08528f2624fce1e68943b24ec60821e31324f546e69ec17200b12ca9b9e43b455efd4dc054d793d0332071bdae2a37f43a4954092cb2
-
SSDEEP
98304:/dlbaf39GDidRXU8P5s6cPsCmSQheGmF88dgZdOyyKTaVFxZCnD7F:/d5asGLXU8Oxkn888dEdOyyt3vCDh
Static task
static1
Malware Config
Targets
-
Target
94b32569f024824f33b7de4b47b3adc3ec689d81a0805428daee2a3972da87a2
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-