General
-
Target
4aece9310f17cd1f91a203dcf05b93b798f4e286f436bd8aea3b38d8d170d50b
-
Size
4.1MB
-
Sample
230129-las8yahb78
-
MD5
522a3e58d40167b660bd82a23aa1ed1a
-
SHA1
66c04c887affbb97918b28ceece36197508a7f45
-
SHA256
4aece9310f17cd1f91a203dcf05b93b798f4e286f436bd8aea3b38d8d170d50b
-
SHA512
f600c248b77327d387fe7ed4bfb6ce3b0b280f341bec4be03ec85fba7a7f2fd29fa54f36523a2ae2cc89a954955524e4d82ba7149027f91846ebbdfe8d0cf41e
-
SSDEEP
98304:SCVIR5EcZ0HiqrPbayKgjuvn3vJf/QQ6tiiCH5rcMnIYSBgSPY/BL5mR3S:TS0iqrTPEvpYbi5r7ndSBgSgpsc
Static task
static1
Malware Config
Targets
-
-
Target
4aece9310f17cd1f91a203dcf05b93b798f4e286f436bd8aea3b38d8d170d50b
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Legitimate hosting services abused for malware hosting/C2
-