General
-
Target
61f0fed9443dcb45bb44a8dd5692542c5ef746e2dfae12cde5c284d963c5eb91
-
Size
4.1MB
-
Sample
230201-vdjy4scf8z
-
MD5
d561d28db0cf1c9f4e8fd6abb22965d4
-
SHA1
cff03306337c09c2fb7b7370f0aee006ccb4cb44
-
SHA256
61f0fed9443dcb45bb44a8dd5692542c5ef746e2dfae12cde5c284d963c5eb91
-
SHA512
daefbbe4436473c6294e5b91b5510a477cb8388c327c9b3d4cbf638f7b4557f385c21c9066ad00986eda6801360dc4a2645a183a7f584334ee4b27ed02a81999
-
SSDEEP
98304:Cph+CIu6fFZNwqNV2pdlHi/wePQieUey5QYk:CPgRVudxi/xRdh5QL
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-