General
-
Target
chthonic_2.23.15.14.vir
-
Size
407KB
-
Sample
200719-8qhp4r2y3n
-
MD5
878804a067f5d32ba006f57a6635e87e
-
SHA1
1433f4c575719b8a9269597a997e15ff2420caf5
-
SHA256
a637d7360ef409b2d9f3038de841583a039287ee7f54d2f634d9cea6c0fd502f
-
SHA512
707930f022dd4a0595f98c76e8602d8b531c1c7de8c0c311eef082b97fffab67358e7f633541c3afe00e9080d8017eba8e46c89392b5af7eb9e5f838b5f75961
Static task
static1
Behavioral task
behavioral1
Sample
chthonic_2.23.15.14.vir.exe
Resource
win7
Behavioral task
behavioral2
Sample
chthonic_2.23.15.14.vir.exe
Resource
win10
Malware Config
Targets
-
-
Target
chthonic_2.23.15.14.vir
Score
10/10
-
Disables taskbar notifications via registry modification
-
Executes dropped EXE
-
Modifies WinLogon to allow AutoLogon
Enables rebooting of the machine without requiring login credentials.
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks for any installed AV software in registry
-
Modifies service
-
Suspicious use of SetThreadContext
-