General
-
Target
1d3a424a8f8eeaff794c43d48c1cffd2be6ce57355ad6f7235e2890e9b835362
-
Size
2.3MB
-
Sample
220130-tkjq9aefb9
-
MD5
6fde64a1dec519ccc789309a654d22a9
-
SHA1
8875a743ff1c6a55a257a3ba7fcd0cb6355dcb18
-
SHA256
1d3a424a8f8eeaff794c43d48c1cffd2be6ce57355ad6f7235e2890e9b835362
-
SHA512
2c802c5f80f31e1115d265680a03c11289758b42e14395dd8e512b9bb0ad8528c34839296c3cab61f250e2925868dcda042be5f36b022b334f70ae32e3efd03e
Static task
static1
Behavioral task
behavioral1
Sample
1d3a424a8f8eeaff794c43d48c1cffd2be6ce57355ad6f7235e2890e9b835362.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
1d3a424a8f8eeaff794c43d48c1cffd2be6ce57355ad6f7235e2890e9b835362.exe
Resource
win10-en-20211208
Malware Config
Extracted
bitrat
1.38
jairoandresotalvarorend.linkpc.net:9086
-
communication_password
bfdba24ee3d61f0260c4dc1034c3ee43
-
install_dir
windowsdefenderinitservices
-
install_file
windowsdefenderinitservice.exe
-
tor_process
tor
Targets
-
-
Target
1d3a424a8f8eeaff794c43d48c1cffd2be6ce57355ad6f7235e2890e9b835362
-
Score
10/10
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-