General
-
Target
04680096c7e1e48d197016f3f66e0fb2960bec10f2473fb068a6000fbba5438c
-
Size
4.0MB
-
Sample
221201-f16n3acc5s
-
MD5
cfcbaf76e34d95750fbd4965242077d9
-
SHA1
757bb27e3cc8569641902d805fd8aabfbf1568c1
-
SHA256
04680096c7e1e48d197016f3f66e0fb2960bec10f2473fb068a6000fbba5438c
-
SHA512
20099b428d42618dbf03b68c54f82424c24186b391395deb1a460d418ae9b25a2ade0decdc1b1d27a45fa0693c3ab4fc9ecb46737618273642cd8da4ac0b9302
-
SSDEEP
98304:Ec6OhvHDZFHuE33nMm2wh+PH3SROJJGbSfwTaKJN:Ec6qvHDZb3Mm2wEfqOJWcpAN
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-