General
Target: 27cb6c7baa77bd84c21e29c75365c6990c69d0d9134e0f9272f3444aacba4488
Size: 3.1MB
Sample: 211122-m88xqaacg5
MD5: f2d50918efd1be9dfae1c6e049e797d8
SHA1: 81b57e9cab3e582a1f433d656f12df198225ad1e
SHA256: 27cb6c7baa77bd84c21e29c75365c6990c69d0d9134e0f9272f3444aacba4488
SHA512: e5ac48e2a6f4d7f1fc894225a50112b247295ecbf853c1175ddb944976f26bea1642c7f674dd5d752dcb42b9d5c07e71c1fb4dec80757e1bc2ace170f0bffb8d
Static task: static1
Behavioral task: behavioral1
Sample: 27cb6c7baa77bd84c21e29c75365c6990c69d0d9134e0f9272f3444aacba4488.exe
Resource: win7-en-20211104
Malware Config
Extracted
C:\Program Files\7-Zip\jrR7_HOW_TO_DECRYPT.txt
hive
http://hiveleakdbtnp76ulyhi52eag6c6tyc3xw7ez7iqy6wc34gd2nekazyd.onion/
http://hivecust6vhekztbqgdnkks64ucehqacge3dij3gyrrpdp57zoq3ooqd.onion/
Targets
-
-
Target
27cb6c7baa77bd84c21e29c75365c6990c69d0d9134e0f9272f3444aacba4488
Modifies security service
-
Clears Windows event logs
-