General
-
Target
4c4c971dc212eca78549870a200be0be7435115643af3633f18aef3e7e1f596d
-
Size
3.8MB
-
Sample
220712-hxm4nafdbl
-
MD5
346daada7cdc97b0d596928baea9ac29
-
SHA1
be45d9ba2d366fe1a640b7632ce71cd0761d0404
-
SHA256
4c4c971dc212eca78549870a200be0be7435115643af3633f18aef3e7e1f596d
-
SHA512
01b3444ac6433aee6451e01a1905c9d8e51f3eca1a7f885a9596166d252972a38869bd4d272dc3a329f2701c243b01338bec22cec0d0a9b9fee870bf73e438ab
Static task
static1
Behavioral task
behavioral1
Sample
4c4c971dc212eca78549870a200be0be7435115643af3633f18aef3e7e1f596d.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
4c4c971dc212eca78549870a200be0be7435115643af3633f18aef3e7e1f596d.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
bitrat
1.35
185.157.162.100:58181
-
communication_password
d4fab64cc4b3bcd4e84db4020ebb3c66
-
install_dir
Microsoft
-
install_file
micros.exe
-
tor_process
tor
Targets
-
-
Target
4c4c971dc212eca78549870a200be0be7435115643af3633f18aef3e7e1f596d
-
Size
3.8MB
-
MD5
346daada7cdc97b0d596928baea9ac29
-
SHA1
be45d9ba2d366fe1a640b7632ce71cd0761d0404
-
SHA256
4c4c971dc212eca78549870a200be0be7435115643af3633f18aef3e7e1f596d
-
SHA512
01b3444ac6433aee6451e01a1905c9d8e51f3eca1a7f885a9596166d252972a38869bd4d272dc3a329f2701c243b01338bec22cec0d0a9b9fee870bf73e438ab
Score10/10-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-