General
-
Target
7fda6fba8fd18654494dca914832632537cf867e9682d4cf5d67d9d6f162476e
-
Size
4.1MB
-
Sample
230129-ppyczsge51
-
MD5
fb06d4a26de8fd44405693220f53cb2f
-
SHA1
4334600bb085457c52eb1e431e8cedc32c4a57d2
-
SHA256
7fda6fba8fd18654494dca914832632537cf867e9682d4cf5d67d9d6f162476e
-
SHA512
f526d73f84bf179cca581b5cba1cd8cdd28d7ddbda1b1d450519445a466514f779e87b5b1f1c519cb50c71d987f8c390c5a3500baeabdc92ed19c71408304e39
-
SSDEEP
98304:WZWqEuz9lwfPwwwhFXBUzcboLtY5KGBLd7CfaXbD:eWQhlw3whFazcboe5Kkd7Cf8H
Static task
static1
Malware Config
Targets
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Legitimate hosting services abused for malware hosting/C2
-