General
Target
c636db0d3b23e35aa397e73159ca2ec885e60b9fbd9c9ffd96e0d06c79b5c415
Size
179KB
Sample
221203-mla26sca64
MD5
46aaf45bd4a4565be0090a3c5b99eb89
SHA1
b18c12a31da39f6e27fa67d97cd293d65690078f
SHA256
c636db0d3b23e35aa397e73159ca2ec885e60b9fbd9c9ffd96e0d06c79b5c415
SHA512
82fddad9b40e5fb144cede3a49b46891b4ed4d32a85575dcef5052201348fedf62a90030a2dac8b49df75bda5229907f27138096e27efc1fad8f893303bad645
SSDEEP
3072:oeU0WY+eAE82UQckMd16cBD8kk9EnMTkTiuVjshE7r/QpNOTggvPR26HOMo8:otO+pQNGakWRE7LyeOk
Static task
static1
Behavioral task
behavioral1
Sample
c636db0d3b23e35aa397e73159ca2ec885e60b9fbd9c9ffd96e0d06c79b5c415.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
c636db0d3b23e35aa397e73159ca2ec885e60b9fbd9c9ffd96e0d06c79b5c415.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
Target
c636db0d3b23e35aa397e73159ca2ec885e60b9fbd9c9ffd96e0d06c79b5c415
Score
8/10
Executes dropped EXE
Deletes itself
Loads dropped DLL
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Suspicious use of SetThreadContext