General
-
Target
e61444306b1de4ee7aa031a0d61f7cea510d75e2db7b49409e2c23ac46b3e684
-
Size
2.2MB
-
Sample
220121-2xcgpsccgp
-
MD5
bc04e1fcb533007d960d2199f1ae5184
-
SHA1
8268ebb99f05b1e8ca4b964969782280134a698b
-
SHA256
e61444306b1de4ee7aa031a0d61f7cea510d75e2db7b49409e2c23ac46b3e684
-
SHA512
7e91ec4b6ba4475b3bf662a63daca179a101cb708e2e998d32b65fcdaa4deb1e8ef1a81f7bcdd19cce7b4f3ab8208c5112f84aa97b5b4f28548c3e069e9f3304
Static task
static1
Behavioral task
behavioral1
Sample
e61444306b1de4ee7aa031a0d61f7cea510d75e2db7b49409e2c23ac46b3e684.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
e61444306b1de4ee7aa031a0d61f7cea510d75e2db7b49409e2c23ac46b3e684.exe
Resource
win10-en-20211208
Malware Config
Extracted
bitrat
1.35
publiquilla.linkpc.net:9096
-
communication_password
bfdba24ee3d61f0260c4dc1034c3ee43
-
install_dir
antivirusscamdefenderlogss
-
install_file
antivirusscamdefenderlog.exe
-
tor_process
tor
Targets
-
-
Target
e61444306b1de4ee7aa031a0d61f7cea510d75e2db7b49409e2c23ac46b3e684
-
Score
10/10
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-