General
-
Target
a9d7793620418cb43e434a69b47310d76ae13d5036e30479e4bc1b6f522ec2de
-
Size
4.1MB
-
Sample
230131-m34e2shg9x
-
MD5
a74832e21e306d533ae1dc526afe3a81
-
SHA1
a2515a0d75a11a111c83b25476faccccbfebd577
-
SHA256
a9d7793620418cb43e434a69b47310d76ae13d5036e30479e4bc1b6f522ec2de
-
SHA512
b765d0975d34a68979c384f90962c5e8e2d4ab2098251c06f49bc3c267f7fa117ae4ef8e8949bcaeef116ed34a4b9b566dc8446dc6368870855cec2dcbfe2e5a
-
SSDEEP
98304:+DRa9t52alR+zGMAoLvfaiYMIKqODq2EVBfHX0VJ3VKrlSPNB1rpWSzT:+NAkab+zl1vfj1dbEVpEzlqSz1L
Static task
static1
Malware Config
Targets
-
-
Target
a9d7793620418cb43e434a69b47310d76ae13d5036e30479e4bc1b6f522ec2de
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-