General
-
Target
32b8911221679f9a2ca9d74665da658a0bcff4c6e04df5820de76c22b6a46d69
-
Size
4.1MB
-
Sample
230203-j7r12agd9s
-
MD5
18eef82bb7f8c44dbb2544df3f4500b1
-
SHA1
ab375e69a1425caa705d3b81f74359dd29324c54
-
SHA256
32b8911221679f9a2ca9d74665da658a0bcff4c6e04df5820de76c22b6a46d69
-
SHA512
91daaab952fd1e6cbe643f414162e0b0e6fc2704ebb44ba9b876e38d44b9b702a8293c54caee23403d0adf950ac11f6c7bc68dfbe9f3565ce39296d168d20dd2
-
SSDEEP
98304:716yO65OGQAlOoza46CaI2OlcIYFRLJI22LXXTAgqo:7UL6lmZDIOIYFRLJOnUI
Static task
static1
Malware Config
Targets
-
-
Target
32b8911221679f9a2ca9d74665da658a0bcff4c6e04df5820de76c22b6a46d69
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Legitimate hosting services abused for malware hosting/C2
-