General
-
Target
14d75ef159d7792e72c1c1fcf3ca07bd027973bd3fbc54e172e0ea5664fa17e8
-
Size
4.1MB
-
Sample
230131-vea3laba6t
-
MD5
9b7a815f07f84217374c158968e3acdf
-
SHA1
f0d06c17994d32a439c0a239ce4ae39ecd8ae614
-
SHA256
14d75ef159d7792e72c1c1fcf3ca07bd027973bd3fbc54e172e0ea5664fa17e8
-
SHA512
8a550e7d730cbbe03f3008407d8f50b60a830bfd8619c3a4c43fa949c7d6810461169e23a48f7cc89ed1254d3f526cf13ee1ce95caca60d2c9cd833555878b0f
-
SSDEEP
98304:zORlBbjj/vQ2QHN+AEZ6f6OwtPaXQ1i4r8HzPO13UQdNF9B:zU/vQpjEkijtPal48HzPO13UQ9L
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-