General
-
Target
e8b3ee11d60b60f161546fab192988cf5f0c331308e2a60bbb4be9c76f26a9e4
-
Size
2.4MB
-
Sample
220121-2wqb6scaa2
-
MD5
75ab70d75ef9a5ef97b10fe7dad6da43
-
SHA1
0fad17daf9b47275adda569291924828ef741a05
-
SHA256
e8b3ee11d60b60f161546fab192988cf5f0c331308e2a60bbb4be9c76f26a9e4
-
SHA512
9b4afa3dbbb4d2ac0281be8f554f3b6465aefe6f2ff01cde75171264e3edd05c35aef511eeb15a6a9f66cb110d07be13dc879a50bd2792c364fe28ffbbdcf9fc
Static task
static1
Behavioral task
behavioral1
Sample
e8b3ee11d60b60f161546fab192988cf5f0c331308e2a60bbb4be9c76f26a9e4.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
e8b3ee11d60b60f161546fab192988cf5f0c331308e2a60bbb4be9c76f26a9e4.exe
Resource
win10-en-20211208
Malware Config
Extracted
bitrat
1.38
jairoandresotalvarorend.linkpc.net:9083
-
communication_password
bfdba24ee3d61f0260c4dc1034c3ee43
-
install_dir
winlogomwindefenders
-
install_file
winlogomwindefender.exe
-
tor_process
tor
Targets
Target
e8b3ee11d60b60f161546fab192988cf5f0c331308e2a60bbb4be9c76f26a9e4
-
Score
10/10
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-