General
Target: dd076dcb0105055efd6e3bb1a8ad0116e600447a80788081a38b67c120b61a25
Size: 2.1MB
Sample: 220121-21yjcacbb9
MD5: 3112f00605198acf9bb536f4857acbc8
SHA1: 6a2baf266241e6d5ef90b05c9bfcef31adc34dff
SHA256: dd076dcb0105055efd6e3bb1a8ad0116e600447a80788081a38b67c120b61a25
SHA512: 3621785e59eeb83679cc8d9e4a224f2c1147e4f2a35863160b9519d330741968b787e46b4f9bbdb615fca6a4eafc31cd86fa29321fa8652a20cf16afa34b3f60
Static task: static1
Behavioral task: behavioral1
Sample: dd076dcb0105055efd6e3bb1a8ad0116e600447a80788081a38b67c120b61a25.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: dd076dcb0105055efd6e3bb1a8ad0116e600447a80788081a38b67c120b61a25.exe
Resource: win10-en-20211208
Malware Config
Extracted
bitrat
1.35
publiquilla.linkpc.net:9096
communication_password: bfdba24ee3d61f0260c4dc1034c3ee43
install_dir: antivirusscamdefenderlogss
install_file: antivirusscamdefenderlog.exe
tor_process: tor
Targets
Target: dd076dcb0105055efd6e3bb1a8ad0116e600447a80788081a38b67c120b61a25
Score: 10/10
Adds Run key to start application
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext