General
Target: 8580f2559856a4fa134a859e8351fc2be7361e6e6f458fd1c44627ede5f38f63
Size: 4.1MB
Sample: 230128-pa7ywaeg43
MD5: 783dafd50978b949f7cffa1d8d421181
SHA1: 644af3254317b0dfb8c6e41ecf228882961894b8
SHA256: 8580f2559856a4fa134a859e8351fc2be7361e6e6f458fd1c44627ede5f38f63
SHA512: c09d513eb8febb7705fe56680ac9ad64398b5424c8fb9aab9b9e5c2a99cf3a5c60f6fe1af258cdc1d16e57fc1c333d21bdc8359408b7e48ba4d799fe0b4f72eb
SSDEEP: 98304:NBOSV6AtTQL1Almw7Nke40oxogEDJlh7YB+zjGzI975:NwJ8mwZW0GOJn7KFzs
Static task: static1
Malware Config
Targets
Suspicious use of NtCreateUserProcessOtherParentProcess
Executes dropped EXE
Modifies Windows Firewall
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Legitimate hosting services abused for malware hosting/C2