General
Target: 063822ca7966327be6a3dadb06e16d6c.exe.vir
Size: 5MB
Sample: 220115-vks6cseha4
MD5: 063822ca7966327be6a3dadb06e16d6c
SHA1: 68f61f2bcf3c325adbb190b892297d78a4f75254
SHA256: 515f555c06db60243a892bbdf57704792956569387482f6a7a001a782bb6bcd1
SHA512: 8c6e0963f3d8c4510426e8cf7511e62cd65eb6873037e235f9b27ac52736f4535ccc1cf499e2c689285c4bc76a9e3cb276c6dc5144bf1bd1222714333e698be5
Static task: static1
Behavioral task: behavioral1
Sample: 063822ca7966327be6a3dadb06e16d6c.exe.vir.exe
Resource: win10-en-20211208
Behavioral task: behavioral2
Sample: 063822ca7966327be6a3dadb06e16d6c.exe.vir.exe
Resource: win10v2004-en-20220112
Behavioral task: behavioral3
Sample: 063822ca7966327be6a3dadb06e16d6c.exe.vir.exe
Resource: win11
Malware Config
Extracted
bitrat
1.38
2.56.59.239:7355
communication_password: c7dd0cd2ba364f132afa1dc58698c64e
tor_process: tor
Targets
Target: 063822ca7966327be6a3dadb06e16d6c.exe.vir
Downloads MZ/PE file
Executes dropped EXE
Suspicious use of NtSetInformationThreadHideFromDebugger
MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation