General
-
Target
f6eefae38f4cded38163f406b801b74a3c55284e2aa5699e9bb1168a4e177922
-
Size
2.2MB
-
Sample
220121-2s1nqscbbr
-
MD5
4daed8a0f6f918845d21dbf5119714df
-
SHA1
68469da08fbcb1e3b2e80304cc906b0ec05980e5
-
SHA256
f6eefae38f4cded38163f406b801b74a3c55284e2aa5699e9bb1168a4e177922
-
SHA512
f4bf4f742850d51a62612f3947307ece3f723cd0bad95cf1ad6ecef28c13132a5313e041e0190e66d003a0d865b2f604ad0a773c5d81f9f5283fd43a269f1f0c
Static task
static1
Behavioral task
behavioral1
Sample
f6eefae38f4cded38163f406b801b74a3c55284e2aa5699e9bb1168a4e177922.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
f6eefae38f4cded38163f406b801b74a3c55284e2aa5699e9bb1168a4e177922.exe
Resource
win10-en-20211208
Malware Config
Extracted
bitrat
1.35
publiquilla.linkpc.net:9090
-
communication_password
bfdba24ee3d61f0260c4dc1034c3ee43
-
install_dir
windowssecurirysercivehealth
-
install_file
windowssecurirysercive.exe
-
tor_process
tor
Targets
-
-
Target
f6eefae38f4cded38163f406b801b74a3c55284e2aa5699e9bb1168a4e177922
-
Size
2.2MB
-
MD5
4daed8a0f6f918845d21dbf5119714df
-
SHA1
68469da08fbcb1e3b2e80304cc906b0ec05980e5
-
SHA256
f6eefae38f4cded38163f406b801b74a3c55284e2aa5699e9bb1168a4e177922
-
SHA512
f4bf4f742850d51a62612f3947307ece3f723cd0bad95cf1ad6ecef28c13132a5313e041e0190e66d003a0d865b2f604ad0a773c5d81f9f5283fd43a269f1f0c
Score10/10-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-