General
-
Target
889e4e4c5ca57e046f2327d5c30d237c00ca99c785d253f6ba9df9a0bea13081
-
Size
4.1MB
-
Sample
230204-lgen5ada57
-
MD5
34f4757455297b9a149696cd072a83be
-
SHA1
65043ae128e1b006d718847db179380beac51076
-
SHA256
889e4e4c5ca57e046f2327d5c30d237c00ca99c785d253f6ba9df9a0bea13081
-
SHA512
07d625618ba95adb919c143618b74391eb21ee1febae876ee6a2854c67d53b4eabe24c2f62523a9d24739c722ba74f3744568e6642fbbf42d0a4e73ad991028f
-
SSDEEP
98304:/ftowq6CEEa1HhX7d2cehq1CUZsttxdqIV0F6uQHq3dKmj:3to4TyUGttxkk0FcHcMy
Static task
static1
Malware Config
Targets
-
Target
889e4e4c5ca57e046f2327d5c30d237c00ca99c785d253f6ba9df9a0bea13081
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.