General
Target: 1cf24dc498b51008b6c02cf74356f3a4f33315b334e608ac171ef47f4ed6e660
Size: 4.1MB
Sample: 230128-1bzvfaab3s
MD5: 110dfb19c580be49a301c411c7191608
SHA1: bc9c775d78a3e6e53f5bd5a56283fe739c609f29
SHA256: 1cf24dc498b51008b6c02cf74356f3a4f33315b334e608ac171ef47f4ed6e660
SHA512: a2df33a23a04b547bce9852746eb9795d4ad55c57cc5bd8cd12db169bb832651dc228da77bc728780e86c1c0d49371bf36e417f55a1be2100c6538067dd2e226
SSDEEP: 98304:BcOSPN0ueiVcQ51kmaBVDLp+fpbFwmiNhkVQzmRGopB:BcOSPN09iVV1FstpiLxigVpJB
Static task
static1
Malware Config
Targets
Target: 1cf24dc498b51008b6c02cf74356f3a4f33315b334e608ac171ef47f4ed6e660
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-