General
-
Target
72464a0eeb8ff9343b525a80166dc71a1a23ec313b456dbe5851878477a5a774
-
Size
4.0MB
-
Sample
230130-kc4a9ahg33
-
MD5
466650fe4aa45bc6674d19a92ba46f09
-
SHA1
bce33e92b3ef259d1b682370d0d9f77c13462fc7
-
SHA256
72464a0eeb8ff9343b525a80166dc71a1a23ec313b456dbe5851878477a5a774
-
SHA512
d52214787976bc97b4e2a9c96cf55f460778c89ec89616210e49b5cde50366c9119d7c76e2e719747ff791643b465f1ce245e6ceae061e97a39f579b96e13082
-
SSDEEP
98304:bdt+18nXqWZnE2/iL11IaO/35A+TnnpixW3rw8nM2vL4vxvA:NXJqLETBAypiSw8zvcv2
Static task
static1
Malware Config
Targets
-
Target
72464a0eeb8ff9343b525a80166dc71a1a23ec313b456dbe5851878477a5a774
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-