General
Target: 54570c397d5eef3c86df2f15da97dd16826784faa0658ed03c750db05639aa7f
Size: 4.1MB
Sample: 230128-lqr1taga2s
MD5: f7f4c377e6c666adecb160eaa23e7da6
SHA1: 04504e687298b06f7fa02c704ef181c5aaab5ee9
SHA256: 54570c397d5eef3c86df2f15da97dd16826784faa0658ed03c750db05639aa7f
SHA512: d592ae00bf50fa2f39561790dce93895eb4ac50c1433a6cbb4d92d37f1b8b963057b0f995677a0be294f2e368f2be72fc560d1247db6655d7020f357750ea7e1
SSDEEP: 98304:pUn0bsL04r/WkPq0cUUJkYicz30DNseF0giX/JUOkMKp:cp4oWN0F3Vcz3afF0gg/XU
Static task
static1
Malware Config
Targets
-
-
Target
54570c397d5eef3c86df2f15da97dd16826784faa0658ed03c750db05639aa7f
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-