General
Target: 96757b02420aeb76ef99819fb57b1086d7f0db2e68a769331ecef6b345ce7b56
Size: 4.1MB
Sample: 230204-lbx9aada55
MD5: 255fbe8accbaa2089876575f6e048710
SHA1: 6cd7d785b76b56ae4321de046f91824b7213d52e
SHA256: 96757b02420aeb76ef99819fb57b1086d7f0db2e68a769331ecef6b345ce7b56
SHA512: ca9894902090f1a37374fc664081e59fbc652d4f6ac883671600f71b6f1b9c95e483e99057d829844293de4a9680eae25570819b5392afaf8135ae24bf18d6f0
SSDEEP: 98304:/ftowq6CEEa1HhX7d2cehq1CUZsttxdqIV0F6uQHq3dKmn:3to4TyUGttxkk0FcHcMy
Static task
static1
Malware Config
Targets
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.