General
-
Target
cebc9dd71954428aa944db6f4421a4ed78156e2aa10caa6a55f56d9d37fad07b
-
Size
2.3MB
-
Sample
220121-24rj7scfap
-
MD5
c938f73a4899a4da334eeac963a5b6e6
-
SHA1
020cce75493ab0eea76298e4ccb7e26a013d759f
-
SHA256
cebc9dd71954428aa944db6f4421a4ed78156e2aa10caa6a55f56d9d37fad07b
-
SHA512
b5948ca623694d5f0ea21e3fdf494834b2a456e63a7d5cb7d3405361ca66f84be8c6395f30f5da466ffb3e7b852fa1f48ae3ec9e8903bc1a5f5bb9ba642db544
Static task
static1
Behavioral task
behavioral1
Sample
cebc9dd71954428aa944db6f4421a4ed78156e2aa10caa6a55f56d9d37fad07b.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
cebc9dd71954428aa944db6f4421a4ed78156e2aa10caa6a55f56d9d37fad07b.exe
Resource
win10-en-20211208
Malware Config
Extracted
bitrat
1.35
publiquilla.linkpc.net:9092
-
communication_password
bfdba24ee3d61f0260c4dc1034c3ee43
-
install_dir
System32dllwin
-
install_file
Systemwin32077273dll.exe
-
tor_process
tor
Targets
-
Target
cebc9dd71954428aa944db6f4421a4ed78156e2aa10caa6a55f56d9d37fad07b
-
Score
10/10
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-