General
Target: 86f15a9931498bbc4c36d2ef7d831b6c21e1f8c6118054fba42dc428449c507d
Size: 4.0MB
Sample: 221201-ldevqahf6y
MD5: d2988a25ad61eed479856c69d4bfe123
SHA1: 153b4ca0bfbd898b443b345c18fb6d698bc805ba
SHA256: 86f15a9931498bbc4c36d2ef7d831b6c21e1f8c6118054fba42dc428449c507d
SHA512: cfe0bceca23dc18b9547fb11ab8db546d654999ccfc059825360b2453df00c27e3d73bb77693e9948274e2fc95243aed700d32610851e1ecbf7cc043c8189b70
SSDEEP: 98304:IlnZrOWuz2d3VuNfkKipbaqoQNtsB0QCU2lrhMFGXfRXQOy1c3c+:IlZru3f/ipZK0i29hM8RgOye3c+
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-