General
-
Target
cd14bce797e82e346a12151f1bd02cafc1e61e1166bd107c853c01480563a025
-
Size
4.1MB
-
Sample
230128-sn4p6agf8s
-
MD5
be04e2e92363be41e418b4669cba6d08
-
SHA1
acae6f0eafbc30eccd38b41b29cba916d5458d97
-
SHA256
cd14bce797e82e346a12151f1bd02cafc1e61e1166bd107c853c01480563a025
-
SHA512
b5ef2155e8bfda8d544e35242c1c36e5dbca77ad1478713cc69d8d5f5cc310d2c1f926451fb3c0a71ce9ea37dc808d503cc678573bb6486c6b3a75c77712bd2f
-
SSDEEP
98304:s/O5UyU/Db8NAKySB7a52+BQ9K4mBah2NY+a52aTU7:s/XkGV+ajQQ3k2SIX7
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-