General
Target: 1a95f16a_by_Libranalysis
Size: 2.1MB
Sample: 210506-v4wx5gja6a
MD5: 1a95f16ac6f8c8c58a328d10e4263e9b
SHA1: 12ce6530ec3c85cd2b1c5b58ab727fc2cc82217b
SHA256: ac84f24af4ee7638d9ee6c5d4b080130a7e1055e5f9bfbc1991dc889a03f664c
SHA512: f61a24cf4338e656672e76611a8b60c63da3eec4447a56c995a0b2d4662bfec8b155b67f67c7f1527feae75ccccc24c333989b3c73836ae2dbae70b5a8aaf0d1
Static task: static1
Behavioral task: behavioral1
Sample: 1a95f16a_by_Libranalysis.exe
Resource: win7v20210408
Behavioral task: behavioral2
Sample: 1a95f16a_by_Libranalysis.exe
Resource: win10v20210410
Malware Config
Targets
Target: 1a95f16a_by_Libranalysis
Score: 10/10
BitRAT Payload
Adds Run key to start application
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext