General
-
Target
760138.exe
-
Size
60KB
-
Sample
210226-asfm3ctges
-
MD5
599efde12b6948266df775575d37c433
-
SHA1
6c4953baee81b92254a73d40182678cfbe59c63b
-
SHA256
5c2766a9b8df935b6144459c3ae5c8f6b7cab54ab844cc78ae770ed1481c4220
-
SHA512
fb340259594c64c5b1b7ec60190a587dad6b5d7cbd3b991c737578836e4c4b26e475e01f0c2d90227d3563a0091d66d2518fb98d3f0228130c64bd10cd7a01e6
Static task
static1
Behavioral task
behavioral1
Sample
760138.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
760138.exe
Resource
win10v20201028
Malware Config
Targets
-
Target
760138.exe
-
Score
10/10
-
BitRAT Payload
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-