General
-
Target
222bf96cb568ab55f0d482d9a1809de3604b0afad66195f740fb2c6c9d6af121
-
Size
2.0MB
-
Sample
220130-tfb6lsedg6
-
MD5
13868b8672d0cbd053ba44d61f5b8ced
-
SHA1
86a8136bc4a1cc1c74f10fb6864f0b2b95801f3e
-
SHA256
222bf96cb568ab55f0d482d9a1809de3604b0afad66195f740fb2c6c9d6af121
-
SHA512
16f9932fd6aa31299e776b3ce2f9b234a2282102716090c6daf43d1c158b70ce3bd233494069fe19aaaf2884d2a92448ab21b378ca46e0e643f38c3694b12453
Static task
static1
Behavioral task
behavioral1
Sample
222bf96cb568ab55f0d482d9a1809de3604b0afad66195f740fb2c6c9d6af121.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
222bf96cb568ab55f0d482d9a1809de3604b0afad66195f740fb2c6c9d6af121.exe
Resource
win10-en-20211208
Malware Config
Extracted
bitrat
1.35
publiquilla.linkpc.net:9096
-
communication_password
bfdba24ee3d61f0260c4dc1034c3ee43
-
install_dir
antivirusscamdefenderlogss
-
install_file
antivirusscamdefenderlog.exe
-
tor_process
tor
Targets
-
Target
222bf96cb568ab55f0d482d9a1809de3604b0afad66195f740fb2c6c9d6af121
Score
10/10
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-