General
Target: 820039212988f8a1cf932a33976bfc79f52ce5d5526c399fd61995f312d12de4
Size: 4.1MB
Sample: 230201-j7caksce59
MD5: 49f990216ef08d7badf39b380d4c3b95
SHA1: 285654ea458480e63ad65e2a5646c5ede2922f50
SHA256: 820039212988f8a1cf932a33976bfc79f52ce5d5526c399fd61995f312d12de4
SHA512: 1f4053f5f3edcc4472eefe4b133b68a4d634e614212ab202233619fd12b6c3737e4ff7a7de42bffcfa1292da85dbd32835e65e3708f344fc8b480be3f3f3f622
SSDEEP: 98304:FGlg+U/Ft9Vv1UNKIcgi6b5UsbqQr0xHyWAS22fdE5Ypkk3tje:FG2DvCL+K7bq9xfRpkAy
Static task
static1
Malware Config
Targets
Target: 820039212988f8a1cf932a33976bfc79f52ce5d5526c399fd61995f312d12de4
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-