General
Target: 15866e72d3aec6d3ea6b1a8fa3ac185bf4b90edb4b07231d343d6ef2c79e89e8
Size: 4.0MB
Sample: 230130-zfcp2acg48
MD5: 4fcdf14078d0f61b2105152758535610
SHA1: 4750ed0eca504169771d316dcb472fb1c6a3ef51
SHA256: 15866e72d3aec6d3ea6b1a8fa3ac185bf4b90edb4b07231d343d6ef2c79e89e8
SHA512: a9f5630ea42e5e2adcac9e8255152c49ec5669a6c9611c8442482b257fc2f8a2b4d56f937d39f78111d9f6b9f7faa52bc071d78750030c04726e6388bc6eb9ea
SSDEEP: 98304:4bjq/455k7LKeNo7yESjt/llWE5I7+RajBYf/jIvLCsWXU1/vD9KlAnN:mW/V7ui2sJlIyaXWrU+Dk1/xKanN
Static task: static1
Malware Config
Targets
Target: 15866e72d3aec6d3ea6b1a8fa3ac185bf4b90edb4b07231d343d6ef2c79e89e8
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Modifies Windows Firewall
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.