General
Target: bb65527598567396312c0af8b9d18ed7e454bb001773bb7cdf41bdf567bc54af
Size: 2.2MB
Sample: 220121-28d5nsced2
MD5: 468dd5c8adf10a6b4f4dba25ec602198
SHA1: b2de792f461e556eccfb11a974b89a0fd4e4e439
SHA256: bb65527598567396312c0af8b9d18ed7e454bb001773bb7cdf41bdf567bc54af
SHA512: fcd8a8a4ecc71a38e0fcc8d21fb21515066049630b51273f6eb1857c9e256304384df7b6c7eb2175283979f10163f5da1255697e0f0f20bd57eb1fd374f6db82
Static task
static1
Behavioral task
behavioral1
Sample
bb65527598567396312c0af8b9d18ed7e454bb001773bb7cdf41bdf567bc54af.exe
Resource
win7-en-20211208
Malware Config
Extracted
bitrat
1.35
publiquilla.linkpc.net:9091
communication_password: bfdba24ee3d61f0260c4dc1034c3ee43
install_dir: System32dll
install_file: System32077273dll.exe
tor_process: tor
Targets
Score: 10/10
Adds Run key to start application
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext