General
-
Target
44695a8503106b29067a702055ada74185c5072db375409f7cc8f36a64a7e4f3
-
Size
2.1MB
-
Sample
220130-sk398adfb8
-
MD5
8f80b1aa1c993a8be187868cd3b6f5fc
-
SHA1
a1b1959ea2f410aa40e09f73e6522fe89969c6c5
-
SHA256
44695a8503106b29067a702055ada74185c5072db375409f7cc8f36a64a7e4f3
-
SHA512
344da2dcb5643e558ea52cf5b7728180359e04bc6179cda768438c205787e8e7c474952afb3c9d1fd63a7879be213b8bc41fc090248a63f5fa2201b7199a0ad3
Static task
static1
Behavioral task
behavioral1
Sample
44695a8503106b29067a702055ada74185c5072db375409f7cc8f36a64a7e4f3.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
44695a8503106b29067a702055ada74185c5072db375409f7cc8f36a64a7e4f3.exe
Resource
win10-en-20211208
Malware Config
Extracted
bitrat
1.35
publiquilla.linkpc.net:9095
-
communication_password
bfdba24ee3d61f0260c4dc1034c3ee43
-
install_dir
antimalawaresdystemlogomn
-
install_file
antimalawaresdystem.exe
-
tor_process
tor
Targets
Target
44695a8503106b29067a702055ada74185c5072db375409f7cc8f36a64a7e4f3
Score
10/10
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-