General
Target: joga.exe
Size: 2.2MB
Sample: 211221-sp6k5sdhd7
MD5: f9563a0236add88c9d88476b20135cef
SHA1: 43e5250e10ab3bc1ea6c569269f12328883974b5
SHA256: cb885f967143736bd3214488784c23c1baf836462274ed172e82982fd09e61fd
SHA512: 6393b44c01562803d261365297ee77ce959bac0f028f02612bc0486b655a07cb74b3eb8591b77b81c851fef78d86b283c2dd5f8d0035fba5091c9bed028deca3
Static task: static1
Behavioral task: behavioral1
Sample: joga.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: joga.exe
Resource: win10-en-20211208
Malware Config
Targets
BitRAT Payload
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext