General
-
Target
261a1f0e30fe01742664f5f8a1ed4c530bef37ff2dca1edfbca68711e6853f0c
-
Size
4.0MB
-
Sample
221130-y3pgnsbh75
-
MD5
7fa4ed92d3abbfa09e05ea115f44d895
-
SHA1
56ae9f0f0d72bbd3c27e0ed70a18294cfcb35839
-
SHA256
261a1f0e30fe01742664f5f8a1ed4c530bef37ff2dca1edfbca68711e6853f0c
-
SHA512
dcec5700e00e7f070b486d3cafd7de1c8393c908de2fe6d81f7a022fd951783270f38cb1784bc2400f2a6e7d9e719b920c02b88db889ece5d7eeeb8dc8eda990
-
SSDEEP
98304:3uvQMkDr5aNNKpvMwyutntEtzEkA1+a5icKRv6t/YXp:3CQM8rEDKpv6gtEtWgcFmp
Static task
static1
Malware Config
Targets
-
-
Target
261a1f0e30fe01742664f5f8a1ed4c530bef37ff2dca1edfbca68711e6853f0c
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-