General
-
Target
282877cf61549e29e5e202183db8b68176bcbf8419a652f550a019b03aefc555
-
Size
4.0MB
-
Sample
230203-2te4eseh2z
-
MD5
678dc5ecfa9ae4d4bd54a7977041dde5
-
SHA1
c17c526c1a9f8b5eb6f8e51e6349904c63d5850a
-
SHA256
282877cf61549e29e5e202183db8b68176bcbf8419a652f550a019b03aefc555
-
SHA512
d84d5dd93650068ba784500139b290fe9ccda0cbb128797a377d633673536c14d2744223b5aa0ad3941ae342d448e0eea78031d7d5fcce31c82a2babb07aee60
-
SSDEEP
98304:iDKNw02kIVqUpK2r+wEW+MYYjlO01BXD3L9NnAGq2Y+tt5203KGJ:DNw02IqLz51XNnAGq2Y+M0n
Static task
static1
Malware Config
Targets
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Legitimate hosting services abused for malware hosting/C2
-