General
-
Target
c18fcb0866454f97857a855d32e7fc5c0a2cb8f0f2cf6bab11660986d51de68f
-
Size
4.1MB
-
Sample
230128-abj6waeh7s
-
MD5
731cd42026310bba49a84e24c34cacbc
-
SHA1
1e760022078170a11f53de70f6406b85f0e9b0c7
-
SHA256
c18fcb0866454f97857a855d32e7fc5c0a2cb8f0f2cf6bab11660986d51de68f
-
SHA512
c057c0b3c809747d00890d91563858758405c7823df7a7356222082e2f0d7ed3c1f53204d0c1b0e878090fa6e89b3d1459acf0daa4e2c9e6872a2bb25936fb13
-
SSDEEP
98304:QhGXk0lBlkSduP/MUU6wIi7AJ1gNLP2BBbqkoxg317Gr/lQLVi:kslBaSdglK7yBbDoxw1aryi
Static task
static1
Malware Config
Targets
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Legitimate hosting services abused for malware hosting/C2
-