General
-
Target
298b3a0866301e3b240a01f3bbe5a7f819e2cac2caff8b051c2c1c814471d531
-
Size
4.0MB
-
Sample
221201-mxkqraec71
-
MD5
10e235f705e6c29ca58a8cb0212f3af6
-
SHA1
d42295f64f9283af82458dd0df0b6d5788d66015
-
SHA256
298b3a0866301e3b240a01f3bbe5a7f819e2cac2caff8b051c2c1c814471d531
-
SHA512
68e15bb83ca75e45a5db02d9dc9c2954ad0fd1fd0808d92a8984995b9a192408f77950cd71bee7a6896252b8d738d3e6dc245f8ee4bf29b48e8ee3761e0e599b
-
SSDEEP
98304:EMEUNMAwSi8TA9tCAWu9sTPVt8HqhMgdXm2nGopXYjT3f3:ETUOAni8TAjCAWcUPVt8HtgdrpFYjTf
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-