General
Target: c408e3b375241069578a9bba8cfad5c862f26ca281b1f55d30b5ab9ac2f725ab
Size: 4.0MB
Sample: 221201-l48wgsca7y
MD5: fa16535a68cb50ebb253a97dbad34e27
SHA1: 9db6154c8ea1cc8f69cefcacd239da14b42537aa
SHA256: c408e3b375241069578a9bba8cfad5c862f26ca281b1f55d30b5ab9ac2f725ab
SHA512: c4e996df5ddb6b746c5451e99c94612ea3c699f95616d4bc0b78586cd2f2122aef1c0842c3a35b34018c26b8036c906fc0248594b9d0df194e47d8ae4d33ef5f
SSDEEP: 98304:SZchzYLuQLBtHA6RYJMe2CCKUVlot1ZIbPGbw1Xn4Vw:xhcJVYV2CCKUwtsl134Vw
Static task
static1
Malware Config
Targets
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Modifies Windows Firewall
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.