General
-
Target
9420554813ae352bd372d201a220bcc6790000f7081bf1a7a46ddfd7bbac7d7a
-
Size
4.1MB
-
Sample
230201-gtkzfsea2w
-
MD5
7365dbb144429e78f9ea08fe7b239a32
-
SHA1
3f9589e4d9c203346facbebcd48984c2db87d776
-
SHA256
9420554813ae352bd372d201a220bcc6790000f7081bf1a7a46ddfd7bbac7d7a
-
SHA512
a328cad827da1fe90facf5da96c92d7bce1260fcb6e577dc3f88364d240675c5c3d2d800a7e1ec18c3d7051d87c236ab66385890bfc6c02755fab601bbf13f2c
-
SSDEEP
98304:tQ5RaRg3XrWNRbKONOhs9MJlnsBwQGIGFXT:tQ58OHrWWONOhfQGIq
Static task
static1
Malware Config
Targets
-
-
Target
9420554813ae352bd372d201a220bcc6790000f7081bf1a7a46ddfd7bbac7d7a
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-