General
Target: 60d3efa107dbfa644672d9d26d1f81a1cc061181d40f93e71bffde627b53548c
Size: 4.1MB
Sample: 230128-sasezagf5x
MD5: 4aa2a4d920bf205898bb9d4ff2263b78
SHA1: 7f6a3b0231ee3e754545bf0ea91fcbe9948e3d27
SHA256: 60d3efa107dbfa644672d9d26d1f81a1cc061181d40f93e71bffde627b53548c
SHA512: d80f3c1175d55eedc46bda1faa50e32ac7793b23ecc87bee23128e4b64fb9c2af6ed648482cc1f85bbdd6fc4dc330cd686d2358c929855450cca772a360f792f
SSDEEP: 98304:s/O5UyU/Db8NAKySB7a52+BQ9K4mBah2NY+a52aTU+:s/XkGV+ajQQ3k2SIX+
Static task
static1
Malware Config
Targets
Executes dropped EXE
Modifies Windows Firewall
Adds Run key to start application
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
Legitimate hosting services abused for malware hosting/C2