General
Target: 21bdab277762f9c2a3ec9b60f256c41b620f41d341d795e66012916aef41361c
Size: 4.0MB
Sample: 221130-x18bbsbc8w
MD5: eaa5646efbcd130c933d476c70f7aeeb
SHA1: 179eb9d98f1c57320bca819c935b217c86e7002c
SHA256: 21bdab277762f9c2a3ec9b60f256c41b620f41d341d795e66012916aef41361c
SHA512: ef0d357261b835c7c58e846c2d18cc392deca06f642c48aa1347a0861a936b0e9ae414e2aa534b378fd3f9f522b78d4d13c64680407de482f23bd6fa11f5a5bc
SSDEEP: 98304:r9oyhMKUHEin9692umpfwgbzzmwOVK2wvVMLl:Z1MKGu6zmjK1WJ
Static task: static1
Malware Config
Targets
Suspicious use of NtCreateUserProcessOtherParentProcess
Executes dropped EXE
Modifies Windows Firewall
Loads dropped DLL
Adds Run key to start application
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.