General
-
Target
4b3d39741b3962c440017b53e4777c554e703a04b28e3fb7c025bec8489fc7a4
-
Size
4.1MB
-
Sample
230127-3z3x4seh5x
-
MD5
af39bbcc3563ff9272f22266c275a248
-
SHA1
bf1d2f7d5304742c7ea663645ef942d9d3eba473
-
SHA256
4b3d39741b3962c440017b53e4777c554e703a04b28e3fb7c025bec8489fc7a4
-
SHA512
c637f9d1a2961244f9f1c99127d9470effaf3e60c27bb750c4f6ae61032c027367c93b5efda2861e607c45aff99f0bd5894edf71a74674520a7a0a4a6c4fdc38
-
SSDEEP
98304:QhGXk0lBlkSduP/MUU6wIi7AJ1gNLP2BBbqkoxg317Gr/lQLVz:kslBaSdglK7yBbDoxw1aryz
Static task
static1
Malware Config
Targets
-
-
Target
4b3d39741b3962c440017b53e4777c554e703a04b28e3fb7c025bec8489fc7a4
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-