General
-
Target
6d77339c0030a44f052f6b0a8dbf1ff7568e176b964f4bdc54fda85dee4607be
-
Size
4.1MB
-
Sample
230128-lpb8zaee66
-
MD5
ff27aed787b0e56a95d9725272ee63c6
-
SHA1
37193a3ba6ae65ce14b905d9bf49c1db3293a33a
-
SHA256
6d77339c0030a44f052f6b0a8dbf1ff7568e176b964f4bdc54fda85dee4607be
-
SHA512
a4b582e3a89fe5af0e5042596a6c6255e4b14fb505d949f2023d573fbf2d93838dd6252e80936a0d522f7c3047353392ded91e8da02f89cce910f4276925a760
-
SSDEEP
98304:pUn0bsL04r/WkPq0cUUJkYicz30DNseF0giX/JUOkMKr:cp4oWN0F3Vcz3afF0gg/XK
Static task
static1
Malware Config
Targets
Target
6d77339c0030a44f052f6b0a8dbf1ff7568e176b964f4bdc54fda85dee4607be
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-