General
Target: d78e2303f3578519b0b10581cdc92c06026de491c6a28e8490f213e80ef5d5c7
Size: 4.0MB
Sample: 230130-rvk1yscd5t
MD5: 22efd41c8c3737f7b98c927e258a7d4a
SHA1: 17831f47b0d68a7af2a0a27fb7f33a386e0d74f3
SHA256: d78e2303f3578519b0b10581cdc92c06026de491c6a28e8490f213e80ef5d5c7
SHA512: c778782d644e8b81769e94a1d66af69bc482005cabc478ffb979a316ca1b1eb4cd0674f2a04aaef6aea811fa5eeaeda153017a44cf27679f6fddef9aa3a209d5
SSDEEP: 98304:WsiY6kZgb9Ciqw+IQRLQvn3VpgexCU2wEHH:WsVJZ0MiqrIwLQvnXgdFn
Static task: static1
Malware Config
Targets
Executes dropped EXE
Modifies Windows Firewall
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Legitimate hosting services abused for malware hosting/C2