General
Target: 6b5ded31810615fc47be87fdf7a6dd27bc49e36ce13cf1afbb0477cb4413fb11
Size: 4.1MB
Sample: 230207-afszksge78
MD5: a47239ec894cd0b02a14d95eada66032
SHA1: 428ccbbac610e2d880d4497e3ebe74fe06bf6521
SHA256: 6b5ded31810615fc47be87fdf7a6dd27bc49e36ce13cf1afbb0477cb4413fb11
SHA512: 00dadd8e7ccc7df0353c15710df89e85b9f428a8894cd649316ff3d82e04d0d0bbf86986d50c9ab1192288cff4b1f97fb5570ad9d6ad6173e5c428e3ece7017a
SSDEEP: 98304:VHyZp+1rPyhH/yy33476G2TYO+2MaXwZQu/jI:VHyZpIDyNDHpGusafu/E
Static task
static1
Malware Config
Targets
Modifies Windows Firewall
Executes dropped EXE
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Legitimate hosting services abused for malware hosting/C2