General
-
Target
534d6e72de916ed833f7e712331115da67320b9ffaec45546bc201de538c3d0a
-
Size
4.1MB
-
Sample
230128-llymssee64
-
MD5
76e31e8eaa70ce3eceb1b6e48fdc680c
-
SHA1
15c8c60faeb6197de7bdc95f487b403bbbdeb679
-
SHA256
534d6e72de916ed833f7e712331115da67320b9ffaec45546bc201de538c3d0a
-
SHA512
98f27526f4f3957755acf1ae19cbef8105d859d66524b8e15ab57d96e79079d5d6788c5aedccdb69ca9e8ae9b983a7a06fbcfc2fdd08a3ed822781eabda0066e
-
SSDEEP
98304:pUn0bsL04r/WkPq0cUUJkYicz30DNseF0giX/JUOkMKO:cp4oWN0F3Vcz3afF0gg/Xz
Static task
static1
Malware Config
Targets
-
-
Target
534d6e72de916ed833f7e712331115da67320b9ffaec45546bc201de538c3d0a
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-