General
-
Target
9ac5d7206d42583c48e955e8cccb94bd292bea2b174e3098c635575a284f8df5
-
Size
4.0MB
-
Sample
230131-aw5cjsdc86
-
MD5
061f5c447e1da1df34afb62b60e3391b
-
SHA1
3ea4f938fa00fb3b2139e47e32da3b18f2a778aa
-
SHA256
9ac5d7206d42583c48e955e8cccb94bd292bea2b174e3098c635575a284f8df5
-
SHA512
89a7c0a4e54b6692f14bdf44c64c7e465a96d5a2cc50a5939498dc2a35508f3ef5cf23725c54760bf41770a1751f1b1a6d42402e4e4f87fd2af1af9de55fd406
-
SSDEEP
98304:6BYpam/Ie00cDiD6QYLRgoVy7UVf/QUYmY6agnp0+ka+Tg:2YpaT309Ylgp75z8J
Static task
static1
Malware Config
Targets
-
Target
9ac5d7206d42583c48e955e8cccb94bd292bea2b174e3098c635575a284f8df5
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.