General
-
Target
d38c5450042d5abed1dc9fb3ad31dace57016abad7365d16aab59982c61b9fec
-
Size
2.2MB
-
Sample
220121-23qaraceer
-
MD5
7545c015bd1feba22347fcbe6e5e0a86
-
SHA1
bcb1fd3b33f243ca8e2f3ac87e2700be8e04d002
-
SHA256
d38c5450042d5abed1dc9fb3ad31dace57016abad7365d16aab59982c61b9fec
-
SHA512
505b1867673c86e654cdd369332bad493100fb37d9f24cbe91855c98c2d70022eea92ec0eff6ea52f8eb723096d2709cb87e15f55701d834d213bf72619d16ed
Static task
static1
Behavioral task
behavioral1
Sample
d38c5450042d5abed1dc9fb3ad31dace57016abad7365d16aab59982c61b9fec.exe
Resource
win7-en-20211208
Malware Config
Extracted
bitrat
1.35
publiquilla.linkpc.net:9096
-
communication_password
bfdba24ee3d61f0260c4dc1034c3ee43
-
install_dir
antivirusscamdefenderlogss
-
install_file
antivirusscamdefenderlog.exe
-
tor_process
tor
Targets
Score 10/10
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-