General
Target: f3edae379d1bcd3c9a61b57904b8c12c6d5c20c7e70e099afba620c9d7cba158
Size: 4.1MB
Sample: 230131-zcx7kaac72
MD5: c05b97286ff837534731f8b6146311fe
SHA1: 0a40d3cd32790948ae523339b2c9351d909fc78b
SHA256: f3edae379d1bcd3c9a61b57904b8c12c6d5c20c7e70e099afba620c9d7cba158
SHA512: 58183a83cfc06083ed631a40511dea6dea5ff6206fbc31c56a316828bd55868d2ed67cf48e18aca64366455cc224cf72a6967622ca1d642f0f34060f76075118
SSDEEP: 98304:40GP4TOarwWUQlPxYjIYoNuaXzNeEGaHLoxfgoz:pGP4TOarwlQl5Yj7aXzNeEGKoFd
Static task: static1
Malware Config
Targets
Target: f3edae379d1bcd3c9a61b57904b8c12c6d5c20c7e70e099afba620c9d7cba158
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Legitimate hosting services abused for malware hosting/C2
-