General
Target: 5e31feaf8299df1bf7a4109f5dacba46ebf31841a0ca5fc3ad33711a9abaa9bf.bin
Size: 3.8MB
Sample: 211221-xwtmdaedh9
MD5: ef4695a037ab11fae5f83dc17202aabe
SHA1: b793cb372eaa57cdd8a0c997527f43819c4c01ed
SHA256: 5e31feaf8299df1bf7a4109f5dacba46ebf31841a0ca5fc3ad33711a9abaa9bf
SHA512: 12e74d7f9f45ac11e3e846c0162825a6f17fb9599ffe618a3cbdc615e91cfbc8f70723df2aa485396250c39d0c8b247b49afa74ec0237525977ba38cda521b3d
Static task: static1
Behavioral task: behavioral1
Sample: 5e31feaf8299df1bf7a4109f5dacba46ebf31841a0ca5fc3ad33711a9abaa9bf.bin.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 5e31feaf8299df1bf7a4109f5dacba46ebf31841a0ca5fc3ad33711a9abaa9bf.bin.exe
Resource: win10-en-20211208
Malware Config
Targets
Score: 10/10
BitRAT Payload
Adds Run key to start application
Suspicious use of NtSetInformationThreadHideFromDebugger