General
-
Target
16e3321da56e3f04b884fe67c2e4b542650605e24b9fc59e89f22b1d8a1f9945
-
Size
4.0MB
-
Sample
230130-mhg2baaa63
-
MD5
7a0d03f94d5124263e235fa053cd3b16
-
SHA1
1413b6a5203862fd0e485543a643fca6912d7b72
-
SHA256
16e3321da56e3f04b884fe67c2e4b542650605e24b9fc59e89f22b1d8a1f9945
-
SHA512
43b4c7188345ff5e66e9bf29eeead5c447d4392e95ef2d9a7d81bf5aefd604427ef14701ccf6e75ac032dc5f30fa6d694ad154a60681ff0425913270850dfa5d
-
SSDEEP
98304:WdOL4/uZgGtCU1Jw2jOpNiTKWTrgdBWwIGF2F:KOLqSgxkw2jO+TKWv6Ud
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-