General
- Target: 410a6cab7d00eccb14f54d3d48c40b0ba5017ba39eb481cd338ff1210142c571
- Size: 4.0MB
- Sample: 230203-mzpgqaaa5w
- MD5: 095f28a485c2a9055a23a5306faefd28
- SHA1: 9b13ea9e87547bfc4ef987bccd652e0c718e2243
- SHA256: 410a6cab7d00eccb14f54d3d48c40b0ba5017ba39eb481cd338ff1210142c571
- SHA512: 9f80d3091ffc9419f33b010fc9a7834bab6eb35ea0ae83b9e530ae47cebe66c2c589fbcc4f499c5783e453c7ddfabe0ae2ba6a46bc892d44e8a366eedaa8597e
- SSDEEP: 98304:VngOgOkztnzaCKoI2A6VV3O3Avalm32Sg9kyjU8sp3si5GG:VnpgOkzVzPbA6VtKJlkSU89g
Static task
static1
Malware Config
Targets
- Target: 410a6cab7d00eccb14f54d3d48c40b0ba5017ba39eb481cd338ff1210142c571
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.