General
-
Target
d0266a288b4fb5fb9fc74829a16a30e430bbf96d2b9dc27cb4ae93c82d5c55ce
-
Size
2.4MB
-
Sample
220121-24krnaccd5
-
MD5
fc0765d29622555033b316243dfa0ffa
-
SHA1
92393107b21ee9b9ebc068b0a74c49e2968d7361
-
SHA256
d0266a288b4fb5fb9fc74829a16a30e430bbf96d2b9dc27cb4ae93c82d5c55ce
-
SHA512
f0172c219d865620b9c11b68db9580477b8ad582bbb255c7bc7de6d40cb5d5d069bd7da5a93f998e74cefe90a9fc38d42479a94f0b58cbc4bd807eecc200f294
Static task
static1
Behavioral task
behavioral1
Sample
d0266a288b4fb5fb9fc74829a16a30e430bbf96d2b9dc27cb4ae93c82d5c55ce.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
d0266a288b4fb5fb9fc74829a16a30e430bbf96d2b9dc27cb4ae93c82d5c55ce.exe
Resource
win10-en-20211208
Malware Config
Extracted
bitrat
1.38
jairoandresotalvarorend.linkpc.net:9086
-
communication_password
bfdba24ee3d61f0260c4dc1034c3ee43
-
install_dir
windowsdefenderinitservices
-
install_file
windowsdefenderinitservice.exe
-
tor_process
tor
Targets
Target
d0266a288b4fb5fb9fc74829a16a30e430bbf96d2b9dc27cb4ae93c82d5c55ce
-
Score
10/10
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-