General
-
Target
86e067d8422249eba47d68a2676ed3dd92a8173f8a24675b2c233a0c242169b5
-
Size
4.0MB
-
Sample
230204-kac2aach56
-
MD5
b4e554db1d6fe2a4c9c7ce30650eee5d
-
SHA1
af27e4e2981f8f263ebe972605daa065d9208666
-
SHA256
86e067d8422249eba47d68a2676ed3dd92a8173f8a24675b2c233a0c242169b5
-
SHA512
c751df5d85d7869ab816adcbae1d8f7ef61d8ffeb95ce10c25df5c0347fb4c9df354440ca4f08eb2ce33f4e893254999ea122db08f4955fa29e48d61daef50e5
-
SSDEEP
98304:rdREkzcI1qdyckvktiqiexmGldkJXl5ZlJ9xZILtcwBbnk:rkkwz3kv5qopJ9xmHBY
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-