General
-
Target
6e24465c8c5dc8aed02b581b2416c36f4cc47911379e72f3ec9ca3b1f4b1de36
-
Size
2.0MB
-
Sample
220121-3p6k9adgbn
-
MD5
0f6dc46c674ebcc09bc4039811be595c
-
SHA1
2a2d4bf883f1c7b40a3f9e450fb5320aed8a3150
-
SHA256
6e24465c8c5dc8aed02b581b2416c36f4cc47911379e72f3ec9ca3b1f4b1de36
-
SHA512
a6e2786a6884185272876ca9c1946fdef7b442f97bf3235e8c4569d6429d88041612a4795f0cc8622e3f6f47d86f96b8971d99cbdaca945f78281f39faa084b4
Static task
static1
Behavioral task
behavioral1
Sample
6e24465c8c5dc8aed02b581b2416c36f4cc47911379e72f3ec9ca3b1f4b1de36.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
6e24465c8c5dc8aed02b581b2416c36f4cc47911379e72f3ec9ca3b1f4b1de36.exe
Resource
win10-en-20211208
Malware Config
Extracted
bitrat
1.35
publiquilla.linkpc.net:9096
-
communication_password
bfdba24ee3d61f0260c4dc1034c3ee43
-
install_dir
antivirusscamdefenderlogss
-
install_file
antivirusscamdefenderlog.exe
-
tor_process
tor
Targets
-
Target
6e24465c8c5dc8aed02b581b2416c36f4cc47911379e72f3ec9ca3b1f4b1de36
-
Score
10/10
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-