General
-
Target
7f9e7ab57241e48d772a0562adafa1fb4a837cdcf60e97e8cd575e03b8269add
-
Size
1.9MB
-
Sample
220121-3lyq8sdbf3
-
MD5
208b01f1aee4d26ec10b003106e27c76
-
SHA1
f2a73e883ed8220177db9ee9dc85336c5bf505d3
-
SHA256
7f9e7ab57241e48d772a0562adafa1fb4a837cdcf60e97e8cd575e03b8269add
-
SHA512
fa97704bebf3f9583867411cb8dd878a933e3279daca9758a855ba3a1fdfa0789492196b5629acb553337c92d308dbd4d526d308946b3d49b75ad7f0b75b1a70
Static task
static1
Behavioral task
behavioral1
Sample
7f9e7ab57241e48d772a0562adafa1fb4a837cdcf60e97e8cd575e03b8269add.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
7f9e7ab57241e48d772a0562adafa1fb4a837cdcf60e97e8cd575e03b8269add.exe
Resource
win10-en-20211208
Malware Config
Extracted
bitrat
1.35
publiquilla.linkpc.net:9096
-
communication_password
bfdba24ee3d61f0260c4dc1034c3ee43
-
install_dir
antivirusscamdefenderlogss
-
install_file
antivirusscamdefenderlog.exe
-
tor_process
tor
Targets
-
-
Target
7f9e7ab57241e48d772a0562adafa1fb4a837cdcf60e97e8cd575e03b8269add
-
Score
10/10
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-