General
-
Target
0ab03557b00d2bf551649a96821e296da6290a081de254a3a0512f50bae9e67f
-
Size
4.1MB
-
Sample
230128-lkd7rsee59
-
MD5
18aea0ad7a624f22fcc9752d70546209
-
SHA1
f549b4a8d2068141bb650775de35ed7853fbfc37
-
SHA256
0ab03557b00d2bf551649a96821e296da6290a081de254a3a0512f50bae9e67f
-
SHA512
b6ed4199a178999ee44121d229a4dbddad67454811def23348b8afcb0b64c8635b23bb6f6c8d5d5652d3abd1f3969e79ee5a18960173e37e97ac1f7d7ad6dc62
-
SSDEEP
98304:EMtQOUQ6oyAYHj8N1y1GiFCbxc0MnKlY+aDX7rPyPk3kk1h5NN56V:EMt56qQoyB0MKl6LPyPWkk1T9s
Static task
static1
Malware Config
Targets
-
Target
0ab03557b00d2bf551649a96821e296da6290a081de254a3a0512f50bae9e67f
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-