General
Target: a3d48772d43ebe74947df0a000ee0506a84a239249b122eb32902cc3a2f1ea0e
Size: 4.0MB
Sample: 221201-qtnj1sfh6t
MD5: 4f32d6cbbcaaa869f8d739c6ccd26e67
SHA1: 4cf204b14104b573531a0a47c87cee60a5fb4898
SHA256: a3d48772d43ebe74947df0a000ee0506a84a239249b122eb32902cc3a2f1ea0e
SHA512: c1cc9444f22f66bd5203387f06252bd7081b87ca5c705bdd5a095c183a41b7e048e3124a59d13d0ca1504fd38e688669274228caadd0b28bb400f21e56153a6e
SSDEEP: 98304:t7QqQ198dUf/iiFamLv8lSYVpQv+Ph4cgUWS0A/RBMA9o2p4QQO99K6:tDQ16HiFrLcSYY2PZgNS0ADMQhD
Static task
static1
Malware Config
Targets
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Modifies Windows Firewall
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.