General
Target: ffec3e1a1c99459910a6a92da95c9e464c90229d70aeb3416439612d96e2643b
Size: 4.1MB
Sample: 230131-j1qvdsfe86
MD5: c8f9104d94cc77b83d9c5b758c4e3c91
SHA1: 38b347911b1d86304a6d7d753f6c7f64adbcb5da
SHA256: ffec3e1a1c99459910a6a92da95c9e464c90229d70aeb3416439612d96e2643b
SHA512: 15e0b323c45f7acdfdf1a422fb7fe300302b8acb17dddf5f18edbbab75b2d9324dca930686cebd039496671155dbef131ad9022ecda8dfc4104eefadaa94e83e
SSDEEP: 98304:B6nINMeWbF6E/5gzXMHNQXaBMZ+Uv3GNxEiOwsWr1JilRxzQ:BBc6ExkKNiayZ+U+xEibsCSo
Static task
static1
Malware Config
Targets
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Modifies Windows Firewall
- Adds Run key to start application
- Checks installed software on the system. Looks up Uninstall key entries in the registry to enumerate software on the system.