General
-
Target
d7ab9ebf86b0d1e2121a7312db4a94fac78942f05e8fe99a531213b618d7b925
-
Size
2.3MB
-
Sample
220121-22rgescbe8
-
MD5
3a5142595acc5bc1445ae775bb4dd58c
-
SHA1
4455feead6c4aed1a7a5ed2b820df9a0f3740676
-
SHA256
d7ab9ebf86b0d1e2121a7312db4a94fac78942f05e8fe99a531213b618d7b925
-
SHA512
bb74bc7edb11ff4d8ff828077584d3e6ad9066e956fc6c4fbf6eeb99e5cdbe0986d7682083cffa4d3c7fb97d8732c04886fb0ef26f10a40516fd6515ae7bd5c6
Static task
static1
Behavioral task
behavioral1
Sample
d7ab9ebf86b0d1e2121a7312db4a94fac78942f05e8fe99a531213b618d7b925.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
d7ab9ebf86b0d1e2121a7312db4a94fac78942f05e8fe99a531213b618d7b925.exe
Resource
win10-en-20211208
Malware Config
Extracted
bitrat
1.35
publiquilla.linkpc.net:9097
-
communication_password
bfdba24ee3d61f0260c4dc1034c3ee43
-
install_dir
System320772736e3b1d119b3
-
install_file
System320772736e3b1d119b.exe
-
tor_process
tor
Targets
Target
d7ab9ebf86b0d1e2121a7312db4a94fac78942f05e8fe99a531213b618d7b925
Score
10/10
-
CustAttr .NET packer
Detects CustAttr .NET packer in memory.
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-