General
-
Target
a3fb3bac8b6ce48199da0184ca11936a7b1f07af9a2c0e3c8661bd877263ff5b
-
Size
4.2MB
-
Sample
230202-mrj72afg82
-
MD5
d663a1cb7b2878c65584a942804fcb32
-
SHA1
c3e59adaf9aa587a15bcf6ac07126fa526617bc0
-
SHA256
a3fb3bac8b6ce48199da0184ca11936a7b1f07af9a2c0e3c8661bd877263ff5b
-
SHA512
52cd348ffc689e9b6169e597880c42709176a16e848a38f4d50360030cfd2947c6bace7cbf025768f5566afdf80076aaa68ad84c876d202cd8c4aa199de68fb2
-
SSDEEP
98304:OfNdT4ptf8b8DKUjc9bf3SL+7Qi3DT9b4/NVYjchdECzEhSBZJqb7L:OldT4ptf296OiL+v+/NHhdrzBZiL
Static task
static1
Malware Config
Targets
-
-
Target
a3fb3bac8b6ce48199da0184ca11936a7b1f07af9a2c0e3c8661bd877263ff5b
-
Size
4.2MB
-
MD5
d663a1cb7b2878c65584a942804fcb32
-
SHA1
c3e59adaf9aa587a15bcf6ac07126fa526617bc0
-
SHA256
a3fb3bac8b6ce48199da0184ca11936a7b1f07af9a2c0e3c8661bd877263ff5b
-
SHA512
52cd348ffc689e9b6169e597880c42709176a16e848a38f4d50360030cfd2947c6bace7cbf025768f5566afdf80076aaa68ad84c876d202cd8c4aa199de68fb2
-
SSDEEP
98304:OfNdT4ptf8b8DKUjc9bf3SL+7Qi3DT9b4/NVYjchdECzEhSBZJqb7L:OldT4ptf296OiL+v+/NHhdrzBZiL
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-