General
Target: New Purchase Order.exe
Size: 1.9MB
Sample: 210302-7xv7c7h5ca
MD5: 445c5601b974d8f957ab67c055a2223e
SHA1: e6df9f893dfed8264157ba52edfc5d2bbb864132
SHA256: b178cc14b83a2ccd52bfe7665abf7d50ee14f7169896f0a68ea700f5aa506b25
SHA512: 54dcfe68b0a5d4fe6904ce0c17cfbb1544bd3586dce82f14d162464a3bdc289f12c64c469767292d0a67b006a965c03767377748e6b0f4b9ea56cd9a3bccb7e0
Static task: static1
Behavioral task: behavioral1
Sample: New Purchase Order.exe
Resource: win7v20201028
Malware Config
Targets
BitRAT Payload
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext