General
Target: 5adb53ca4445f20c2a26f896b636ad86b87ddff1aa85866a73a877f6ad1a51bc
Size: 2.0MB
Sample: 220121-3t6rtadhhk
MD5: fc350ce8e12c4aa48d74e404cb028359
SHA1: d787d46e6aef00e6766cc60d471df7e58009b276
SHA256: 5adb53ca4445f20c2a26f896b636ad86b87ddff1aa85866a73a877f6ad1a51bc
SHA512: 90e04be0318dff154236a340b347b2d7e237513afe5211dc87b3e5776d542f378edf9aa50ab31a09b1b0bd2aed62931e1477cdcd8b612455f85849f139bff5fc
Static task: static1
Behavioral task: behavioral1
Sample: 5adb53ca4445f20c2a26f896b636ad86b87ddff1aa85866a73a877f6ad1a51bc.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 5adb53ca4445f20c2a26f896b636ad86b87ddff1aa85866a73a877f6ad1a51bc.exe
Resource: win10-en-20211208
Malware Config
Extracted
bitrat
1.35
publiquilla.linkpc.net:9089
communication_password: bfdba24ee3d61f0260c4dc1034c3ee43
install_dir: windowssecurirysercivehealtht
install_file: windowssecuritrysercive.exe
tor_process: tor
Targets
Target: 5adb53ca4445f20c2a26f896b636ad86b87ddff1aa85866a73a877f6ad1a51bc
Score: 10/10
Adds Run key to start application
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext