General
Target: 4b724523c00f5b02996e788258b5eb32b28af1b83e2a2ed6ab1995baa055c5fc
Size: 4.1MB
Sample: 230129-k5bfyaac7w
MD5: 1dd44502476061afcaeefeab779dc193
SHA1: 1ede268be2268a75f4ba2447accbdf373634b0db
SHA256: 4b724523c00f5b02996e788258b5eb32b28af1b83e2a2ed6ab1995baa055c5fc
SHA512: 82266625171ae0f5eae841a4bcddcee45d342d1d0dcf10cc7f8733c459d519c5a744e3f6af335de53e59a09b0b3d211899dcc147767a50887b2bed74318456b6
SSDEEP: 98304:SCVIR5EcZ0HiqrPbayKgjuvn3vJf/QQ6tiiCH5rcMnIYSBgSPY/BL5mR3E:TS0iqrTPEvpYbi5r7ndSBgSgpsa
Static task: static1
Malware Config
Targets
Target: 4b724523c00f5b02996e788258b5eb32b28af1b83e2a2ed6ab1995baa055c5fc
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Modifies Windows Firewall
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.