General
Target: 7575636124.zip
Size: 1.5MB
Sample: 220613-tynmcshcdj
MD5: 171de92e84d026ad2ef57aa34341a6b2
SHA1: fb8552ba51a4a1e8cdbf5e8ee1a49fceb05f8ed2
SHA256: a178302eaf508e401e93f77ca267b1b42c5a3e01ea7277b12ad178c8c6f683b5
SHA512: df52523177832dbbf9fcfd61ac8e82271143daf44cb1da7b887767ba6f6b40f0028696833952ddcbd879fd3618af51f238ab8be3eb7da5620634243098e8fbfb
Static task: static1
Behavioral task: behavioral1
Sample: E9MA7D56_ETRANSFER_RECEIPT.exe
Resource: win7-20220414-en
Malware Config
Extracted
bitrat
1.38
bitrat9300.duckdns.org:9300
communication_password: e10adc3949ba59abbe56e057f20f883e
tor_process: tor
Targets
Target: E9MA7D56_ETRANSFER_RECEIPT.exe
Size: 300.0MB
MD5: 939cdee6b468100c492b1ea0a4770a7c
SHA1: 0d02f7ac8811d058f5d830c9087dd6c3dc60bc94
SHA256: ac062144c0be77f4cb9d18361e8729d59ffd1dae0a2402b4ac644dcac179c786
SHA512: 6670a062ae98c6f2070c03746aed710d39273d7aef00caf95c1673998e5bf8ff99e34383ceba09e55ed2eb8a19fb7c2714c1055b51b03e644f14699c8be725af
Executes dropped EXE
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext