General
-
Target
NEED DRAFT discounting bank name & price LC USD48942631xls.exe
-
Size
8.8MB
-
Sample
210114-ttjcvkdex2
-
MD5
27193c475f1439de214dbfe9c7b2c928
-
SHA1
4015a10b7970ddaf78ef79d3f4562ad6c65f9ff6
-
SHA256
77993430a884344d7de54e69aa1d4b4e0fc81327f3cf7c8d39b5aba710518fa3
-
SHA512
afac86ff53797cdaa759b548da33ecdcd026567e4e3006df8b52ab6657514d32133b3c6f06106cba4b7fa1751ad4ae38346567b208cedba2ee56ed533c53f029
Static task
static1
Behavioral task
behavioral1
Sample
NEED DRAFT discounting bank name & price LC USD48942631xls.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
NEED DRAFT discounting bank name & price LC USD48942631xls.exe
Resource
win10v20201028
Malware Config
Targets
-
-
Target
NEED DRAFT discounting bank name & price LC USD48942631xls.exe
-
BitRAT Payload
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-