General
-
Target
e2fd5af45c48597af41b0054af2e665068f63328547bb9ee7c7c548aebbf1423
-
Size
2.2MB
-
Sample
220121-2zl4xscag3
-
MD5
a2872dfb9db8af210aa367f0231c8c67
-
SHA1
a7c5dcddfe980283c38d4b5a4ee7590893e374f7
-
SHA256
e2fd5af45c48597af41b0054af2e665068f63328547bb9ee7c7c548aebbf1423
-
SHA512
70aab1584edeea0e7168ec7fbf16ad31ec25559ac802ad932c71ae5fba3bcc8386e74520de5cb99896cfa4ea14fc08923a1eff37cbbdd1f813db6db48092daf2
Static task
static1
Behavioral task
behavioral1
Sample
e2fd5af45c48597af41b0054af2e665068f63328547bb9ee7c7c548aebbf1423.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
e2fd5af45c48597af41b0054af2e665068f63328547bb9ee7c7c548aebbf1423.exe
Resource
win10-en-20211208
Malware Config
Extracted
bitrat
1.35
publiquilla.linkpc.net:9096
-
communication_password
bfdba24ee3d61f0260c4dc1034c3ee43
-
install_dir
antivirusscamdefenderlogss
-
install_file
antivirusscamdefenderlog.exe
-
tor_process
tor
Targets
-
-
Target
e2fd5af45c48597af41b0054af2e665068f63328547bb9ee7c7c548aebbf1423
-
Size
2.2MB
-
MD5
a2872dfb9db8af210aa367f0231c8c67
-
SHA1
a7c5dcddfe980283c38d4b5a4ee7590893e374f7
-
SHA256
e2fd5af45c48597af41b0054af2e665068f63328547bb9ee7c7c548aebbf1423
-
SHA512
70aab1584edeea0e7168ec7fbf16ad31ec25559ac802ad932c71ae5fba3bcc8386e74520de5cb99896cfa4ea14fc08923a1eff37cbbdd1f813db6db48092daf2
Score10/10-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-