General
-
Target
c1b46225e57d9f745b8d9615103eebe39afad6502da33da7e34b0c8921bec151
-
Size
4.1MB
-
Sample
221128-zjk6ksec95
-
MD5
7314e2a4ce644f6dbe2e0f56f03789f7
-
SHA1
610256e7751e52e6bd56f55dce54998130dffc8b
-
SHA256
c1b46225e57d9f745b8d9615103eebe39afad6502da33da7e34b0c8921bec151
-
SHA512
a126ec5741e8d4ac9478f79ed8af4891d1ffa0381395f7638f2ace879be3e6cfa963b03b917b1d0a1424ea1082918345b5c6cfbe9c771ddd51fa4a12b082f276
-
SSDEEP
98304:CMgP4bOLpAr/1SMIsBcCb0qMGSCeCfWVAbLWIW0Jf1GKsa72AqXjTD7Md:C3P4bH/RBcC07GSCexVgWIWiEzRnTvAd
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-