General
-
Target
b09b9fbc48bcb5c721a7448e7ba97b34a58f46ee5aeb157f86df75fa8890845d
-
Size
2.2MB
-
Sample
220121-3affhschgl
-
MD5
6a9ec204144e883392a8f02b3946efd7
-
SHA1
5406faef3d88e9cd0dc0fc98ded9e4085838ef74
-
SHA256
b09b9fbc48bcb5c721a7448e7ba97b34a58f46ee5aeb157f86df75fa8890845d
-
SHA512
c9ed4d99b50df978cd422220c755933b4996545ac29632bd06ffcf31f05413419af1193c20b741f25117b253eb1f373e9b116cce6a5ff061630bdd5f236e44c9
Static task
static1
Behavioral task
behavioral1
Sample
b09b9fbc48bcb5c721a7448e7ba97b34a58f46ee5aeb157f86df75fa8890845d.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
b09b9fbc48bcb5c721a7448e7ba97b34a58f46ee5aeb157f86df75fa8890845d.exe
Resource
win10-en-20211208
Malware Config
Extracted
bitrat
1.35
publiquilla.linkpc.net:9097
-
communication_password
bfdba24ee3d61f0260c4dc1034c3ee43
-
install_dir
System320772736e3b1d119b3
-
install_file
System320772736e3b1d119b.exe
-
tor_process
tor
Targets
-
-
Target
b09b9fbc48bcb5c721a7448e7ba97b34a58f46ee5aeb157f86df75fa8890845d
-
Size
2.2MB
-
MD5
6a9ec204144e883392a8f02b3946efd7
-
SHA1
5406faef3d88e9cd0dc0fc98ded9e4085838ef74
-
SHA256
b09b9fbc48bcb5c721a7448e7ba97b34a58f46ee5aeb157f86df75fa8890845d
-
SHA512
c9ed4d99b50df978cd422220c755933b4996545ac29632bd06ffcf31f05413419af1193c20b741f25117b253eb1f373e9b116cce6a5ff061630bdd5f236e44c9
Score10/10-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-