General
Target: 4136661e8a9689aca8802518294b02fe.exe
Size: 2.2MB
Sample: 220107-rb4zqaccg9
MD5: 4136661e8a9689aca8802518294b02fe
SHA1: 3f43207a00cd456fd54e783e95b20a849c09961b
SHA256: 32ca272da062d0997c8131b5488af9858420cb97ab7d67fb911afc37d45e4788
SHA512: 6d9290a19be178c2e561bb9209ee5bf7309a8d89922ebc3cc200756d6e85058aedce1a3df6c45149f2c677f61c98b8fee943d31807aece251799710ae42ec82e
Static task: static1
Behavioral task: behavioral1
Sample: 4136661e8a9689aca8802518294b02fe.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 4136661e8a9689aca8802518294b02fe.exe
Resource: win10-en-20211208
Malware Config
Extracted
bitrat
1.38
91.243.32.131:80
communication_password: 202cb962ac59075b964b07152d234b70
install_dir: Defenderzone
install_file: syspro.exe
tor_process: tor
Targets
Target: 4136661e8a9689aca8802518294b02fe.exe
Score: 10/10
mimikatz is an open source tool to dump credentials on Windows
Downloads MZ/PE file
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of NtSetInformationThreadHideFromDebugger