General
Target: 4893180638691328.zip
Size: 1.5MB
Sample: 220121-2d3jsabeh9
MD5: 69a03d2288a1b9e316bf05c76aefd540
SHA1: fe5aa10a58975f3f1eaacf737b45be7509638dd0
SHA256: 75639cd5a8a06fc5b613712776f209a28f665a875ab5cf24fe762c5e061d6efd
SHA512: 7dcf156ff5161a61410f75053b5a01b2291d8fe52ef81e705b284dc55550f62b01cc6917e5cc40b0c79d5c8b6ca84bbf4783826ac3630c6caa67dedbd6a011be
Static task: static1
Behavioral task: behavioral1
Sample: e-transfer.exe
Resource: win7-en-20211208
Malware Config
Extracted
bitrat
1.38
newbitpeople.duckdns.org:8185
communication_password: 827ccb0eea8a706c4c34a16891f84e7b
tor_process: tor
Targets
Target: e-transfer.exe
Size: 300.0MB
MD5: e7c42ecec20b2ecf8470f9f1fa23a521
SHA1: 0716d82f263acaa03a30831a5e13979e902d8d19
SHA256: f38c72d43ccff7ee0243bb4c2aa2c44a725ebe2352bc8ab9887ee54f9e59ecb9
SHA512: 170b58d579cd0e9a2c268ab27c4b97c135c4b35140cfc347c9967edb5c2d0929e1790b5c3e556a779257c4763c7549a8d6c6a24eddb4a84866aa7a86d594f6f8
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext