General
-
Target
039ad05f6bd67d5c4ddd7f73b26774af4f1a62bf3544cc530133b970f3bddc51
-
Size
4.0MB
-
Sample
221130-2ee5waba89
-
MD5
32bd21beaa20de9cdf41be50c5943e8b
-
SHA1
9f1f0a85f1185d503eb3586149d95a347d0401bc
-
SHA256
039ad05f6bd67d5c4ddd7f73b26774af4f1a62bf3544cc530133b970f3bddc51
-
SHA512
769ce78dc020163633a0514310a96efb056e341808faea3d24ecb7d01a4fe8fe3dbc42d42d32a1b399a9506a949b6148d7040c4edccf9b34b6a9a5f275e757d2
-
SSDEEP
98304:s+KQV8p0ww2h2lE1N9xrmeDfhN3a0IXDfB2OEG4GX3O8XwFKGac0:j8p0ww2hYk9xrmebhN3a0ITZYWW3aV
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-