General
-
Target
hta.hta
-
Size
3.6MB
-
Sample
220120-fqb2psfhg7
-
MD5
3aeb3119d5782739c238aa5c216f706e
-
SHA1
68e8ce8c8a39660555661d7436d9081ec2454dfa
-
SHA256
12138c2aca3eaebf6c6b3f1b7b24c68ea5b9d29d4e88ed8412b46b5ce8feb2bb
-
SHA512
fe47a283d8ddd9782a7ac9e9f77c427dd528fd3e8536c3a9e32c147313df326e256f8660c6633621b7282928bd02fa2cc7019cef2030ce4c09dd551e503ea4df
Static task
static1
Malware Config
Extracted
Family
bitrat
Version
1.38
C2
learnatallcost2.ddns.net:9050
Attributes
-
communication_password
4a3e00961a08879c34f91ca0070ea2f5
-
tor_process
tor
Targets
-
-
Target
hta.hta
-
Size
3.6MB
-
MD5
3aeb3119d5782739c238aa5c216f706e
-
SHA1
68e8ce8c8a39660555661d7436d9081ec2454dfa
-
SHA256
12138c2aca3eaebf6c6b3f1b7b24c68ea5b9d29d4e88ed8412b46b5ce8feb2bb
-
SHA512
fe47a283d8ddd9782a7ac9e9f77c427dd528fd3e8536c3a9e32c147313df326e256f8660c6633621b7282928bd02fa2cc7019cef2030ce4c09dd551e503ea4df
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-