General
-
Target
5b491c6459678855fd61ad419348f74a64966cc8d8d4ce79e1997e88ec75559a
-
Size
4.1MB
-
Sample
230128-1nkahsab5t
-
MD5
ba48a5c9fe3bf9dab70fe657f23632d4
-
SHA1
b19295b5ae807d79529019fad1c02539a1ee84d5
-
SHA256
5b491c6459678855fd61ad419348f74a64966cc8d8d4ce79e1997e88ec75559a
-
SHA512
650dc1ffc221ff734de4f5d9c056685454f83fc5121013b68f44b5167a6bda7771e89a6a8b4ba56db62174905993b8c65418d923b85f50658411c7a7ca60c19e
-
SSDEEP
98304:BcOSPN0ueiVcQ51kmaBVDLp+fpbFwmiNhkVQzmRGopm:BcOSPN09iVV1FstpiLxigVpJm
Static task
static1
Malware Config
Targets
-
Target
5b491c6459678855fd61ad419348f74a64966cc8d8d4ce79e1997e88ec75559a
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Legitimate hosting services abused for malware hosting/C2
-