General
Target: 592d3466191bcc8e97b67753e751b33cf980ca915e577ee5082d8275886dce83
Size: 4.1MB
Sample: 221128-ywp5madc23
MD5: 91b2825c2898de4ce58b41572436c019
SHA1: 928dd4a5f61191b51d0df3e94978ed5cf9e7c5aa
SHA256: 592d3466191bcc8e97b67753e751b33cf980ca915e577ee5082d8275886dce83
SHA512: f0526c31fecb072e818b44e0e2fbcb5bd87c12b707d3c11b174dd55a53a90fa3f1868776d627260d7782e57aae257381cd6bcd6ec076157042e1fefe4e26a25a
SSDEEP: 98304:CMgP4bOLpAr/1SMIsBcCb0qMGSCeCfWVAbLWIW0Jf1GKsa72AqXjTD7U:C3P4bH/RBcC07GSCexVgWIWiEzRnTvA
Static task
static1
Malware Config
Targets
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Modifies Windows Firewall
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.