General
-
Target
fe34e43d7f49d85e423caa223069de74674e6d83172c5cb59db4a1b13147642f
-
Size
4.1MB
-
Sample
230201-qvmdcagf78
-
MD5
93e96301d487270a314ba422b2272d8b
-
SHA1
0d770501a237fac3ea19931a0b00545bf14a2e7d
-
SHA256
fe34e43d7f49d85e423caa223069de74674e6d83172c5cb59db4a1b13147642f
-
SHA512
53024758dcfb1109ca822e54f70fa07c9df9c15ae3973b801bc8ba7860c21cb6940d4d532abd0d20d585cdf2a54f2139387bb94f441f2b797eea11891280a821
-
SSDEEP
98304:H6fyeZOkSsXCJDxp7vbPmU2t0bQU77LS5iWoBjdXw1FywH41vH:H6f3ZOkSsSJbX2t0b177m5v4jG1FT2
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-