General
-
Target
44e041dc2e445fcd33cc89b8453d0539.exe
-
Size
1.4MB
-
Sample
220802-wcb3jsagak
-
MD5
44e041dc2e445fcd33cc89b8453d0539
-
SHA1
99faf5ac243f30d7041e7018f41490023b552f60
-
SHA256
707ce4ec41a0a919739998e1260e50eb8eca2808ee69df64b07a5e985d1068ad
-
SHA512
893019fd4b969250464a551bdeb0fc050da5bc82f1680b5ef116e8cc43b2e0b4088ec351f91d0d4b379ffd61fb32a02a34ea11fb94ca35fc4ed064dda021bf18
Behavioral task
behavioral1
Sample
44e041dc2e445fcd33cc89b8453d0539.exe
Resource
win7-20220715-en
Malware Config
Extracted
bitrat
1.38
trotox.duckdns.org:55441
-
communication_password
4b49ee1f55b1900518dfb23fd2d7c702
-
tor_process
tor
Targets
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-