General
Target: watch
Size: 840KB
Sample: 240513-eb24xahf6z
MD5: e2f614108b5449b53d0ff0ebfe2d7c5e
SHA1: 3d841bc22cf48c82f13efce9838e6ab51ab85e36
SHA256: 8b2e844a447aed5641fe1ce8434d06f3e8a9674117e9804c4bfb4cfb699174e9
SHA512: 0802c0177e6e3043d7d62f119ac0dea87a06a9b8f59433ed7b2279fd8d0e745274a3524bfb2f0a333d3f2f9712bd90774f8a66258b8fda844141ac8bea0cc0af
SSDEEP: 12288:5UKDKNKsKzKCKMKkKzKlK2zY3UVqiqYo9TgG5T:5fOUW
Static task
static1
Malware Config
Targets
Target: watch
Downloads MZ/PE file
Executes dropped EXE
Loads dropped DLL
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Suspicious use of NtCreateThreadExHideFromDebugger
Suspicious use of NtSetInformationThreadHideFromDebugger