General
-
Target
a3b41a1646763a55b4d1530d8cff3444be5a20bf6123bb95f5e396f01f5200e9
-
Size
252KB
-
Sample
221129-eqg3aagf8x
-
MD5
ce9b56c4c4e47d05fc99395347388cde
-
SHA1
191f014a70b17994b997a1fb645e2d5987062713
-
SHA256
a3b41a1646763a55b4d1530d8cff3444be5a20bf6123bb95f5e396f01f5200e9
-
SHA512
b9b900950d941f4498a2b8ee7e224e965ece1d911d8a7b13ee4640c546a3ba2e728b5805fb7c5b840d07c3c8feef8c2cba388a59de2e8549fde6cb11f74f01bb
-
SSDEEP
6144:nXCV+v8JGSrN3vyyJ32ZVA+ACDkQozAAIM/KyA:Zv8MS1yOmZVgzAAMyA
Malware Config
Targets
-
-
Target
a3b41a1646763a55b4d1530d8cff3444be5a20bf6123bb95f5e396f01f5200e9
-
Size
252KB
-
MD5
ce9b56c4c4e47d05fc99395347388cde
-
SHA1
191f014a70b17994b997a1fb645e2d5987062713
-
SHA256
a3b41a1646763a55b4d1530d8cff3444be5a20bf6123bb95f5e396f01f5200e9
-
SHA512
b9b900950d941f4498a2b8ee7e224e965ece1d911d8a7b13ee4640c546a3ba2e728b5805fb7c5b840d07c3c8feef8c2cba388a59de2e8549fde6cb11f74f01bb
-
SSDEEP
6144:nXCV+v8JGSrN3vyyJ32ZVA+ACDkQozAAIM/KyA:Zv8MS1yOmZVgzAAMyA
Score8/10-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-