General
-
Target
65120e704a774cfcdb4d6e4cdac21fcdcabb13e46c9e6206985b169248e48095
-
Size
4.1MB
-
Sample
230128-jwge6afh2x
-
MD5
06b4c9c6fb1170e043fadcdc8fa849a5
-
SHA1
c2ddd84b18ebc9d9764f773fd2780b6d7708703b
-
SHA256
65120e704a774cfcdb4d6e4cdac21fcdcabb13e46c9e6206985b169248e48095
-
SHA512
d005214a5e87b0d27742e9f645a4ba4e910064d78a810ba7589914029c9ed694e5d5575c03d99b0c73a30e57f5c4e2430bf03575e1bf91009755b0897f9d42b7
-
SSDEEP
98304:2Dpb+9m8RDbKHP++ZVpbcRkaPx50KXTXa/bK:Sp83S/bcRJIKXTKO
Static task
static1
Malware Config
Targets
-
-
Target
65120e704a774cfcdb4d6e4cdac21fcdcabb13e46c9e6206985b169248e48095
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Legitimate hosting services abused for malware hosting/C2
-