General
-
Target
e913621e3f4da8f0f70a0b6cac3a225ed069e04532e8a188760f85edee6a394e
-
Size
4.1MB
-
Sample
230129-pem49sga7s
-
MD5
8e3bd9e92071c33770f9a8bb09bfcd60
-
SHA1
6897337eb3ee0400c02b28c78f8aa85dfa7d1beb
-
SHA256
e913621e3f4da8f0f70a0b6cac3a225ed069e04532e8a188760f85edee6a394e
-
SHA512
1ef80307f8523e97f649d586202e61a7bd44fa020f0fe8e6b9c88b38fa57b521141cebec0b0d26d7ceefbe39a878641480c2888aeec498f5478e286687e6a727
-
SSDEEP
98304:VWjdy9uKZ9gA3vf19VjbXBYIa6xL5LSA6HnfQ7rxxiNvmRgS5:wjdy9uI19VH9lLDunY7FmOF
Static task
static1
Malware Config
Targets
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Legitimate hosting services abused for malware hosting/C2
-