General
Target: 2.exe
Size: 785KB
Sample: 220106-k5hj9abbc9
MD5: 751cfacd6de472704d072d56cd27769e
SHA1: 733fd283e27fedb060e4b841f4737a28ba126600
SHA256: 1df11ec4ef8cfeda563e1103d5e0cdc4ed10601b37e0ea9f93be82433ab68c72
SHA512: b036ad1a18b920fe56686d6a8b699286dc646bf992823617b73b1f7bae7197ffe1ebc80999a861cab92bf97fcb6855cdcef061d8bf5a27631179b467ffec2d39
Static task: static1
Behavioral task: behavioral1
Sample: 2.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 2.exe
Resource: win10-en-20211208
Malware Config
Extracted
bitrat
1.38
severdops.ddns.net:3071
communication_password: 29ef52e7563626a96cea7f4b4085c124
tor_process: tor
Targets
Target: 2.exe
Score: 10/10
Downloads MZ/PE file
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext