General
-
Target
0a7dba172f5485536a67007bbb67f209
-
Size
2.3MB
-
Sample
220107-bdtc1abga6
-
MD5
0a7dba172f5485536a67007bbb67f209
-
SHA1
7352fbbee9419e6afe958bfd34d55ffafeda0d58
-
SHA256
f10d43cfd07a986f1f3c75eb7c90af7e1d841530709f8dcac64bfbfcb53ec736
-
SHA512
6f2c94a396ed78e925c0d3dd6926498a7ba78bb5a111287b5c0b1122681e196fc526496a433e5b3b431988a5d6eb75218d0b5c814971163dbc489193454d14ba
Static task
static1
Behavioral task
behavioral1
Sample
0a7dba172f5485536a67007bbb67f209.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0a7dba172f5485536a67007bbb67f209.exe
Resource
win10-en-20211208
Malware Config
Extracted
bitrat
1.38
severdops.ddns.net:3071
-
communication_password
29ef52e7563626a96cea7f4b4085c124
-
tor_process
tor
Targets
-
-
Target
0a7dba172f5485536a67007bbb67f209
-
Score
10/10
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-