General
-
Target
1440b2cef20cfbb1fa92a14e41967dd1e9feb8ae21e9523a72a79ac95efd9017
-
Size
2.3MB
-
Sample
220130-tsrf3aehe5
-
MD5
6de0f794e0798e016ae648c0d14e8b8d
-
SHA1
5d7b08a3a4bcf39e7b8f4df472bb76843261dd54
-
SHA256
1440b2cef20cfbb1fa92a14e41967dd1e9feb8ae21e9523a72a79ac95efd9017
-
SHA512
c9757ce91ebfd09afdae5928836686bcd0cff556a63fd5cdb3b7e0cab6df7b429aa9cbd678a2152aecf0902e202f429e8d0ddbc01d0b2a835291e50204a5890c
Static task
static1
Behavioral task
behavioral1
Sample
1440b2cef20cfbb1fa92a14e41967dd1e9feb8ae21e9523a72a79ac95efd9017.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
1440b2cef20cfbb1fa92a14e41967dd1e9feb8ae21e9523a72a79ac95efd9017.exe
Resource
win10-en-20211208
Malware Config
Extracted
bitrat
1.38
jairoandresotalvarorend.linkpc.net:9083
-
communication_password
bfdba24ee3d61f0260c4dc1034c3ee43
-
install_dir
winlogomwindefenders
-
install_file
winlogomwindefender.exe
-
tor_process
tor
Targets
-
-
Target
1440b2cef20cfbb1fa92a14e41967dd1e9feb8ae21e9523a72a79ac95efd9017
-
Size
2.3MB
-
MD5
6de0f794e0798e016ae648c0d14e8b8d
-
SHA1
5d7b08a3a4bcf39e7b8f4df472bb76843261dd54
-
SHA256
1440b2cef20cfbb1fa92a14e41967dd1e9feb8ae21e9523a72a79ac95efd9017
-
SHA512
c9757ce91ebfd09afdae5928836686bcd0cff556a63fd5cdb3b7e0cab6df7b429aa9cbd678a2152aecf0902e202f429e8d0ddbc01d0b2a835291e50204a5890c
Score10/10-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-