General
-
Target
93d400ccfa42d731702ac0d821b21db4c0454a07d6c7ba6c1dea299f3104aecb
-
Size
4.1MB
-
Sample
230131-jxsjtahc5t
-
MD5
61db4d909f866c11c87d607a695f3254
-
SHA1
23492728ce264863473e124f4674d0a0e6c424d0
-
SHA256
93d400ccfa42d731702ac0d821b21db4c0454a07d6c7ba6c1dea299f3104aecb
-
SHA512
519bf7cc120e8fa9d24becee0162f51fc23b1df31ca321c914f47d5e004e8b933182810577b0337e34984eebece17241e65feb8ab6c72502a49ca60f7937a091
-
SSDEEP
98304:B6nINMeWbF6E/5gzXMHNQXaBMZ+Uv3GNxEiOwsWr1JilRxzr:BBc6ExkKNiayZ+U+xEibsCSz
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-