General
-
Target
8becf6ec63ba2f41b25fad37ee02849d7480dff194607369e8dfd237c0bf0641
-
Size
4.1MB
-
Sample
230131-q6pmvagf24
-
MD5
1f879bbd5f1474aaa9a44f6ddea77b36
-
SHA1
e774754beed989c8425835ed502dedf7cf0d5e46
-
SHA256
8becf6ec63ba2f41b25fad37ee02849d7480dff194607369e8dfd237c0bf0641
-
SHA512
9da094410eb39939aae4b9203a6b5387c538645179108a61b57641eb279f5a450d7a389f2dd730b7687baa736df38f2c59ba4e047ad1b8d1a46cb4ffbb3bb4aa
-
SSDEEP
98304:DIwrsmCoVG+Ld90O6PLXQYEmlxlnN5Dfof1uoInFuqmMQcXB35DC:8wW+LdzATlnN5DQKmRcxo
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-