General
-
Target
7e95d6ed44d44dde908284ec0cae2040571730287998112f3013a66e3af96246
-
Size
4.1MB
-
Sample
230129-vxr4tsgf9x
-
MD5
35f51ce5736ee29f23a2464600f712aa
-
SHA1
bbd543713b033b9bd880c1ce19123218207d31aa
-
SHA256
7e95d6ed44d44dde908284ec0cae2040571730287998112f3013a66e3af96246
-
SHA512
0a3191dbe589ae183824b21b4bd0c5b19afde156deaaa12c6506911be8663c8d8c6b5499da6ef1e9be14948f13911156aef24dd3206fe41d319f7b15aa7fdb73
-
SSDEEP
98304:U0NbFUIu/8w08IEUP9yX5i9T1xEzZWg0QTa/Bcc6a0W1Lpp:Umi/8pxEUC6TfBcBafN
Static task
static1
Malware Config
Targets
-
Target
7e95d6ed44d44dde908284ec0cae2040571730287998112f3013a66e3af96246
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-