General
-
Target
0cc2af760b0c511a17acc9b8a642915d4d1b164e53d949a76080ce0c93e92526
-
Size
4.0MB
-
Sample
221201-j78nsaac56
-
MD5
85b1d41eacfd6e47685a1042548ee097
-
SHA1
3a31ace7a4c6d3e422cfa370f8d87ba28f461151
-
SHA256
0cc2af760b0c511a17acc9b8a642915d4d1b164e53d949a76080ce0c93e92526
-
SHA512
22dca77fab68db24cdb63d7ff58596f4574dff0b2dbe20b800a99bfac45ced6e88ae4d451ad39eb6756882e99e8d51b2c1d31fc680f122127f25945d3c856953
-
SSDEEP
98304:hoAWptSMcOpQAYw9jjKLF3d0f1csFgJEsrVW5MCc:hoAWnnlB9Xot2srVgMZ
Static task
static1
Malware Config
Targets
-
-
Target
0cc2af760b0c511a17acc9b8a642915d4d1b164e53d949a76080ce0c93e92526
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-