General
-
Target
DENUNCIA VIRTUAL IMPUESTA EN SU CONTRA.bin.zip
-
Size
23KB
-
Sample
220609-mnwrnabdc6
-
MD5
02e12fdf87c7d8691db58d220f4fee2a
-
SHA1
6ad3b8901a75bd04ab6bf3ad4c8338e069e4b6be
-
SHA256
de738140a1d81c5cbc08d63c74a929c1195ea0883f553ad776462ba0d0dff89b
-
SHA512
975573e63f3a14b157689b8ad4f372a1dc0869bde3e9e228ff78a893f918572e33d62fb3caf3f4ea7bce4835032621ff015abf61b055b7284b99a7d45e3e6a76
Static task
static1
Behavioral task
behavioral1
Sample
DENUNCIA VIRTUAL IMPUESTA EN SU CONTRA.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
DENUNCIA VIRTUAL IMPUESTA EN SU CONTRA.exe
Resource
win10-20220414-en
Behavioral task
behavioral3
Sample
DENUNCIA VIRTUAL IMPUESTA EN SU CONTRA.exe
Resource
win10v2004-20220414-en
Behavioral task
behavioral4
Sample
DENUNCIA VIRTUAL IMPUESTA EN SU CONTRA.exe
Resource
win11-20220223-en
Malware Config
Extracted
bitrat
1.38
reyhrwwet4y.duckdns.org:1880
-
communication_password
202cb962ac59075b964b07152d234b70
-
tor_process
tor
Targets
-
Target
DENUNCIA VIRTUAL IMPUESTA EN SU CONTRA.bin
-
Size
160KB
-
MD5
c9e93cb3148aa7fd9aeb11e3deaaa994
-
SHA1
4dec478206a5ac46a560f8bb36b8ef7abf7cadb9
-
SHA256
86456c0b66bf59cbdddd5419cca3b24d4d303b8e7ed5261181ae1ab3933e55e8
-
SHA512
0c80ee1d9f61c8d73902673103bfe3b3dd480b564dc2a4f9822f78d6eef92441b93afbfbc9236ab9eb210a2911d66ffa82bf39001c2ddb7f4925347bbb69417b
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-