General
-
Target
9b7a42def14129b70c89d87853845f8c21fe04c6787757d3e59d6bd1ee21234d
-
Size
555KB
-
Sample
211207-2wpewagdb7
-
MD5
8c010d565f0ae6ae084bdeb35fba7ff1
-
SHA1
95485abfab63edbd848f3f3ec2821f50aba0b74d
-
SHA256
9b7a42def14129b70c89d87853845f8c21fe04c6787757d3e59d6bd1ee21234d
-
SHA512
73fa980b534c6ad3af0752b5eb775652d5cada3ed66fabdeceec74d6cfe9de01db9f7f7788612d77c9ad3270ed3c8b6c16131ccffe0207b8b7f8714d0f725215
Static task
static1
Behavioral task
behavioral1
Sample
9b7a42def14129b70c89d87853845f8c21fe04c6787757d3e59d6bd1ee21234d.exe
Resource
win10-en-20211104
Malware Config
Targets
-
-
Target
9b7a42def14129b70c89d87853845f8c21fe04c6787757d3e59d6bd1ee21234d
-
Score
10/10
-
BitRAT Payload
-
Downloads MZ/PE file
-
Modifies Installed Components in the registry
-
Drops startup file
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-