General
Target: 66eb1f154ed50178a8b90a89e99d32956b75e90678a77443e52317b486dda65b
Size: 4.0MB
Sample: 221201-q72c2ahc9y
MD5: 9b5e1dfde7d1e7749598735e8970797d
SHA1: 7e127a2330ea5bf4ebe3450a9b1d76093d089a15
SHA256: 66eb1f154ed50178a8b90a89e99d32956b75e90678a77443e52317b486dda65b
SHA512: d80b5d3101649bed4384b7d6e07bceea130e56ca194d500e0b98c46dfe11a257ba2ba1caf44452e1c240a114b3770745fcb76e3678ae5f6b40d3f6aa5c4b5ec7
SSDEEP: 98304:PnPFDNnyrSw80tFIEkmPHt8ILhjPUMumGREcLzML:PP3s33PHt8oLGREcv2
Static task
static1
Malware Config
Targets
Suspicious use of NtCreateUserProcessOtherParentProcess
Executes dropped EXE
Modifies Windows Firewall
Loads dropped DLL
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.