General
-
Target
New Stone inquiry 01022021 897GFRSDDCADEN.scr
-
Size
1.1MB
-
Sample
210301-c385d2n41a
-
MD5
eb6ac9d5508beacc227bd3888f835cd6
-
SHA1
6e4c8136b2d720712a072238010ca3b24e269eca
-
SHA256
22cfc4b78b3482f98f18795cd81276a8984604fa808ee9364d0db3fa49dbc598
-
SHA512
9e3b0be5062761f3b5e4284c7fbbc305c10cdfad9e26bc4945110e65b032ccc5e78e1cb7cd38e8bab4040018bb165aa1cce036adb1673670e0ca531def07f1d7
Static task
static1
Behavioral task
behavioral1
Sample
New Stone inquiry 01022021 897GFRSDDCADEN.scr
Resource
win7v20201028
Behavioral task
behavioral2
Sample
New Stone inquiry 01022021 897GFRSDDCADEN.scr
Resource
win10v20201028
Malware Config
Targets
-
Target
New Stone inquiry 01022021 897GFRSDDCADEN.scr
-
Score
10/10
-
BitRAT Payload
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-