General
-
Target
c04af468c32ceaa1f7870c7a9962cf6c13a9941499fe1e7ec04327d6abb01a97
-
Size
2.1MB
-
Sample
220121-27gt6scdg9
-
MD5
80e714a3a3e170fca3f6c51d80a7dca4
-
SHA1
cf303b54b7ecf4845744b575b2728b9354221ba0
-
SHA256
c04af468c32ceaa1f7870c7a9962cf6c13a9941499fe1e7ec04327d6abb01a97
-
SHA512
43765e7d94652d2ffdebfcb68772f845a25ae00b7838e2db504d1c53811358e976be5d6efe9a3e0b98a6b6ce7da6123620431386d5cd355eaed23651c1ca270c
Static task
static1
Behavioral task
behavioral1
Sample
c04af468c32ceaa1f7870c7a9962cf6c13a9941499fe1e7ec04327d6abb01a97.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
c04af468c32ceaa1f7870c7a9962cf6c13a9941499fe1e7ec04327d6abb01a97.exe
Resource
win10-en-20211208
Malware Config
Extracted
bitrat
1.35
publiquilla.linkpc.net:9090
-
communication_password
bfdba24ee3d61f0260c4dc1034c3ee43
-
install_dir
windowssecurirysercivehealth
-
install_file
windowssecurirysercive.exe
-
tor_process
tor
Targets
-
-
Target
c04af468c32ceaa1f7870c7a9962cf6c13a9941499fe1e7ec04327d6abb01a97
-
Size
2.1MB
-
MD5
80e714a3a3e170fca3f6c51d80a7dca4
-
SHA1
cf303b54b7ecf4845744b575b2728b9354221ba0
-
SHA256
c04af468c32ceaa1f7870c7a9962cf6c13a9941499fe1e7ec04327d6abb01a97
-
SHA512
43765e7d94652d2ffdebfcb68772f845a25ae00b7838e2db504d1c53811358e976be5d6efe9a3e0b98a6b6ce7da6123620431386d5cd355eaed23651c1ca270c
Score10/10-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-