General
-
Target
75a252c6a46d7b96c6bcf29d8dd9169fd8373046272df89615b87667ccef2e10
-
Size
4.0MB
-
Sample
221130-3h5elshh9y
-
MD5
ba93cc313358fd7679b03eeba019e3ce
-
SHA1
17a3ae2dc17ec1534ef6e4619f00f5f5d6c3c071
-
SHA256
75a252c6a46d7b96c6bcf29d8dd9169fd8373046272df89615b87667ccef2e10
-
SHA512
f958aba831e8848b9c0789fec5fb7ad5d5bbdf030431b3f972eb010392887e476696e4830b527c25f46795ab8b7806a2aa5d80b4d94803e382c108e889c27c6e
-
SSDEEP
98304:JZRSZU+dJiQ246IZRsvwvWzky5VHJHwb/QE7qw7L/M3f/1T:y9JiQ2NIZJMky5ZcQE7qCQ3f/t
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-