General
Target: Purchase Order NO32874287782377732 July 2021 .exe
Size: 2.5MB
Sample: 210726-ckpz2cggwn
MD5: 37b87bb801399002ce5109fa582512de
SHA1: d634ba38c689efef5c72f976b88b61e5bb78989a
SHA256: 317b32811ef46a4dec52e650315c82b5a5f867f49e5844bb11ed4e1f5281e6d9
SHA512: fd066e3d8dd991dd78b0efeb09ce0bd4393dc234b82038ee3a22e6b64defa75fec6d54736fb9375a7e26773eb767f90c99b70e4f9a63c379d666a72f129823fd
Static task: static1
Behavioral task: behavioral1
Sample: Purchase Order NO32874287782377732 July 2021 .exe
Resource: win7v20210410
Malware Config
Targets
Target: Purchase Order NO32874287782377732 July 2021 .exe
- BitRAT Payload
- suricata: ET MALWARE Observed Malicious SSL Cert (BitRAT CnC)
- CustAttr .NET packer: Detects CustAttr .NET packer in memory.
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext