General
Target: df818880a47e17f4b98337d737d45d54f38580eb35670230cd33f03c8288cd6a
Size: 4.1MB
Sample: 230205-madnxscd6w
MD5: 2dae2051d484e38b632bdb465f7f37ab
SHA1: e5b4c664b862162410bec22c013073fb4c88d5ef
SHA256: df818880a47e17f4b98337d737d45d54f38580eb35670230cd33f03c8288cd6a
SHA512: 6d9a8ce30d7091892b8332eb7abdedfa6920b5297f2f0bec9166123dfac0aafd94ad50d037d5effede0293cd02329e9b484678d682710a3bf6276741e874edee
SSDEEP: 98304:wKkFVqJRUD4yKVxLziwc8rm7PLVR0gw3MaW3jkHpIr5+O+RY:wKdXUD4F1mw5rMADFW3jkjlm
Static task
static1
Malware Config
Targets
Target: df818880a47e17f4b98337d737d45d54f38580eb35670230cd33f03c8288cd6a
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Legitimate hosting services abused for malware hosting/C2