General
-
Target
c51eb36467745e100f4cc6eebc46c31e1a3a3f02f50da6c562975821b544acf4
-
Size
2.2MB
-
Sample
220121-26kvfacfhr
-
MD5
d5dfbab804a95d9b8c13446b82ea7189
-
SHA1
add3d4f5db237bdad70d4251c47dee6fde16b340
-
SHA256
c51eb36467745e100f4cc6eebc46c31e1a3a3f02f50da6c562975821b544acf4
-
SHA512
44da065a5bcef77f3322d289f287ce82f46e5c4f8721be23a7b24624828677e26b17714e155a247d33aed3a00c9c2ef52f786f366f62d528aa323697502ddb8e
Static task
static1
Behavioral task
behavioral1
Sample
c51eb36467745e100f4cc6eebc46c31e1a3a3f02f50da6c562975821b544acf4.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
c51eb36467745e100f4cc6eebc46c31e1a3a3f02f50da6c562975821b544acf4.exe
Resource
win10-en-20211208
Malware Config
Extracted
bitrat
1.38
jairoandresotalvarorend.linkpc.net:9083
-
communication_password
bfdba24ee3d61f0260c4dc1034c3ee43
-
install_dir
windefederwinlgomsystems
-
install_file
windefederwinlgomsystem.exe
-
tor_process
tor
Targets
Target
c51eb36467745e100f4cc6eebc46c31e1a3a3f02f50da6c562975821b544acf4
-
Score
10/10
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-