General
-
Target
4a054e74fdb420bddfc3bad7a5181a8fd2fc7e841b5d4e4932246c288847e9b4
-
Size
4.0MB
-
Sample
221130-a7qzasdc52
-
MD5
2f2bd27f83ace603848653d982c8b45c
-
SHA1
cf16c504b3c13bfdc33331caa854aabf270bddc1
-
SHA256
4a054e74fdb420bddfc3bad7a5181a8fd2fc7e841b5d4e4932246c288847e9b4
-
SHA512
b825ec192c48aa43bc8654aa42b9b1b9ad18c31f9c0649dbd828440bc87517577ae7e310c7e5f867f78d196ef1c3dc9ffd1c4282b2881d743c421577e8cc7c6f
-
SSDEEP
98304:0gjjL01Lpqs3ZPf4L9iN73Wkv773s4xKrOOfRcOWE:06g193PfPoU773sYJgRcOWE
Static task
static1
Malware Config
Targets
-
-
Target
4a054e74fdb420bddfc3bad7a5181a8fd2fc7e841b5d4e4932246c288847e9b4
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-