General
-
Target
1096b5cc206554639367ed4e064a0f2cc1e47ca756934e013b096bde5a28382d
-
Size
4.1MB
-
Sample
230128-rsdtvsgf3v
-
MD5
9e8cbc6d112fad83f3047ce87b0dd06d
-
SHA1
7b0955aaad4894a2c8df2fc766048e3077bc4140
-
SHA256
1096b5cc206554639367ed4e064a0f2cc1e47ca756934e013b096bde5a28382d
-
SHA512
b4016c56946550507995dfa3f2a4b44b4c79bfee316d79458c8268351fe0ad7bd2e36683858f52756e3e7a8972a62ee013e1ba2a1ea7631b06fa07bb3aa7d3b6
-
SSDEEP
98304:STSixy5jv8qjBp58unkeuIcUjDtxgrpKCYGBrJv8:/ixyVRjWunkeLjqpNYGry
Static task
static1
Malware Config
Targets
-
-
Target
1096b5cc206554639367ed4e064a0f2cc1e47ca756934e013b096bde5a28382d
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-