General
-
Target
08cca713a9469a80df3e13755e4af27578d36056de73539b649c311a982ad450
-
Size
4.1MB
-
Sample
230131-t3kq9sha99
-
MD5
9f95fd290846673588391479e37d3f48
-
SHA1
850dca64d52e75d20899a6543834960c82010cad
-
SHA256
08cca713a9469a80df3e13755e4af27578d36056de73539b649c311a982ad450
-
SHA512
b0db201392b8db933ca8d6bb8f36e8dd6489fcbf481b01cd1e3cc93eb17d66814c5a5c457c2fe1a2de0888ec62230e78ee67bab432e5e50f6e2be475df45ac4c
-
SSDEEP
98304:Kc0lgzThpRURyzY9KY+mJv0mTjHZari0FPpVBeRxQG:Kc0WpaAzY9KY+K1TjHZ30dpzcT
Static task
static1
Malware Config
Targets
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Legitimate hosting services abused for malware hosting/C2
-