General
-
Target
b7ec7fff5c5fc8a564205bef07b8f60aecda73933927dd18f345ccec133f99f2
-
Size
4.1MB
-
Sample
221129-f5w1eshh52
-
MD5
eeaacc5d8800cad9ac19519efea555bd
-
SHA1
423cf907f447546cecd63fdfb3c7c9d710756676
-
SHA256
b7ec7fff5c5fc8a564205bef07b8f60aecda73933927dd18f345ccec133f99f2
-
SHA512
5674688678f8b562fb90a1317a50cff4989f8f01ac794e739a0dc524cf6587563cce46fd2f5146bca1dd3fb217e3bdc3719f0ebacde49824e70c4b3fb8562071
-
SSDEEP
98304:zMKbOWDfrI4HsNsD3bFRtrhbTfz7dTXvy9R/s15PQX:zM6fuG7DlJflTXks0
Static task
static1
Malware Config
Targets
-
Target
b7ec7fff5c5fc8a564205bef07b8f60aecda73933927dd18f345ccec133f99f2
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-