General
Target: Ouiojcejoyugnzyrllxqhjgpjgtmcpzvnp.exe
Size: 836KB
Sample: 210906-14ltaaegbj
MD5: 53873b761c0fd3af78b4bcd0107f4a0b
SHA1: ee8e55e742670d4c7888ee9f5d06a6d9e92c4ef4
SHA256: 5d0970ca455fd58945e13f996aaf77a66a7468d0927a3cfd41cbd22b20d13cdc
SHA512: 31e57363ad2be1d7d6a0202d347e1b0bd4d9a08be36c2ab057187608f920f3471359b51e07baeb65e3a4445f028d3076db886f7956feaa4b53dda826f6280129
Static task: static1
Behavioral task: behavioral1
Sample: Ouiojcejoyugnzyrllxqhjgpjgtmcpzvnp.exe
Resource: win7v20210408
Behavioral task: behavioral2
Sample: Ouiojcejoyugnzyrllxqhjgpjgtmcpzvnp.exe
Resource: win10-en
Malware Config
Targets
Target: Ouiojcejoyugnzyrllxqhjgpjgtmcpzvnp.exe
Score: 10/10
- BitRAT Payload
- ModiLoader, DBatLoader: ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
- suricata: ET MALWARE Observed Malicious SSL Cert (BitRAT CnC)
- ACProtect 1.3x - 1.4x DLL software: Detects files packed with ACProtect software.
- Loads dropped DLL
- Adds Run key to start application
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext