General
Target: d724704e9493efc310faa42fb36fa483cf3cd46641ef78def75c1c417ea16989
Size: 4.1MB
Sample: 230129-ppd94sge31
MD5: 2f52308f32437537173a84be3ab25ef3
SHA1: 9e2fa4abfdfca24a4088acb67a42e5598e7d7527
SHA256: d724704e9493efc310faa42fb36fa483cf3cd46641ef78def75c1c417ea16989
SHA512: 9543601700e7d7a6a4e5f11fc3506427ac84f5278dcce43b375635c3b536d92579430da0402ea1493ded3a9bdb4db497c5df9c74ed0f3d97bba954dcb1927a0c
SSDEEP: 98304:WZWqEuz9lwfPwwwhFXBUzcboLtY5KGBLd7CfaXPP:eWQhlw3whFazcboe5Kkd7Cf8n
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-