General
Target: 2acdaa1ebce78da2e51ab80d20ddf2f1a87de0c39a25ca23dcdf2b1a84d508fc
Size: 4.1MB
Sample: 230127-vmaf2acc38
MD5: 3f141737176a6cd93d2905c3cec344cb
SHA1: 5e3218b3687801aad91e188b34697f6578c0938d
SHA256: 2acdaa1ebce78da2e51ab80d20ddf2f1a87de0c39a25ca23dcdf2b1a84d508fc
SHA512: e3b43ccc2cd779e5edf347410246f3eb6a2441b1ff217379bdb97aa13c7287eceabd1e42e79c2cd8f2d088d52853e176ae66289a8e3b1d7af9a6c59780c76c5e
SSDEEP: 49152:Y01aXNTrvJAh35FmtfWfV9rgvkGy136MpbM2z6VaUOuFge56gKvUt/LlErQfC9Zv:c9nJgHm+qubM2zUajreHP+Ef+nUPX+Gw
Static task
static1
Malware Config
Targets
Suspicious use of NtCreateUserProcessOtherParentProcess
Executes dropped EXE
Modifies Windows Firewall
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.