General
-
Target
9fd740824606d7298204f53982e73fc62001fc280438e23402867ad6e3db9edc
-
Size
4.1MB
-
Sample
230128-ahejzade77
-
MD5
13a8ba2c8f3e0ec78a47e236caf192c5
-
SHA1
61728a3e2af0b9c7c81370b2e7eb3f89e6c48ff7
-
SHA256
9fd740824606d7298204f53982e73fc62001fc280438e23402867ad6e3db9edc
-
SHA512
a369b6ec2dd3345900c9dd8acc417a6ed60d7fc4e27b81222d2fcb3bf55de1c01941245abad6fff72a0529f0dd05e85f09f1d82c36d6ff0a8756fe9cb04b08b3
-
SSDEEP
98304:QhGXk0lBlkSduP/MUU6wIi7AJ1gNLP2BBbqkoxg317Gr/lQLVD:kslBaSdglK7yBbDoxw1aryD
Static task
static1
Malware Config
Targets
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Legitimate hosting services abused for malware hosting/C2
-