General
-
Target
c531519dc8e2a606acb54aefc85b1e56d7b4b2eb1f43b87ee84d751e7c932858
-
Size
4.1MB
-
Sample
230128-aqz6msfa2y
-
MD5
65612b4c36c36d826921d83b6e06c808
-
SHA1
6e01b5d27846d8e999ea60f2b178ac2dd65e2418
-
SHA256
c531519dc8e2a606acb54aefc85b1e56d7b4b2eb1f43b87ee84d751e7c932858
-
SHA512
812755b11d7429000cc8b64cc7504d22674608acb66f57a84645dccaae6cc96a13012c54c02e523d2a986de00dfa820228e2701acca0f3ed1dcd7a9ce2578312
-
SSDEEP
98304:H5tCfexSqFjY6mzBi16X+LmEVaMYXj3VvV5:ufeXdY6mzBiQr5
Static task
static1
Malware Config
Targets
-
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Legitimate hosting services abused for malware hosting/C2
-