General
-
Target
a65b75567794b4d9f2558c672bd07dd5.exe
-
Size
1.9MB
-
Sample
220107-qp4qfaccf2
-
MD5
a65b75567794b4d9f2558c672bd07dd5
-
SHA1
e217c9fde4b32680a11adf2200e673519f595bd3
-
SHA256
cc7d7321cd0e93fb312ea39c0124256fa60b3335cd6632ec0e83ffb4bf2b3dc9
-
SHA512
4388fc585cd542df150f427b2d7b4bea03de0cd51ce634dea5935215582990b55546f3e39ae172a6c142b0b96d83a659a6b14a336a622978c5d0a9de23062ccb
Static task
static1
Behavioral task
behavioral1
Sample
a65b75567794b4d9f2558c672bd07dd5.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
a65b75567794b4d9f2558c672bd07dd5.exe
Resource
win10-en-20211208
Malware Config
Extracted
bitrat
1.38
severdops.ddns.net:3071
-
communication_password
29ef52e7563626a96cea7f4b4085c124
-
install_dir
msWORLD
-
install_file
excel.exe
-
tor_process
tor
Targets
-
Target
a65b75567794b4d9f2558c672bd07dd5.exe
-
Score
10/10
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext