General
-
Target
9b0522249eb2994e0bf879b0f4b7fe2a359a666bb1ebe202f76355a06fe7d6bf
-
Size
4.1MB
-
Sample
230202-j85crahe2x
-
MD5
34c53bb9da9df5dff79218a77fa208b5
-
SHA1
99a20ecad2d18908781625539c342b525222053d
-
SHA256
9b0522249eb2994e0bf879b0f4b7fe2a359a666bb1ebe202f76355a06fe7d6bf
-
SHA512
f40197967f2f8e43e4fa36881eaf1def4a27103fedad0695b905a59751a48e143c5e90eaa2b772bd311582c7dfbe1d3db97b774c1ab70d47bb747299008a5e98
-
SSDEEP
98304:R+Ap1R2Q5TqXzWWdOqeMAE/l3CDzSpE0lgeinU5Cm33Nw+Q8qb7q:R+Ap1R2Q5TqXyWdneMA8C/SpoeinU5xf
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-