General
Target
Policy_Document.zip
Size
1.9MB
Sample
220818-vks6cshcej
MD5
b5a1d999a5852dd4b160d37633b7d3a5
SHA1
1f1a064d9b34ff48f07ebead8bbea5161a3b66f6
SHA256
99c95ed1a1192492b4f73a54381f02e927ce26dcae0489b63be67401e015cc78
SHA512
76e4659e70edb504239530f3e215559edd0e3d5aa3fd3e29284a4a2d74f2510d7ccacb097dc15c1d3f0f8a696165c5d36d803b34f01209769124a12e8bf87aaf
SSDEEP
49152:D2/zscfvo5kUJlRthr0k1DJOrB6JH5zvRrLm:6/zVIp5hdXOrB6JH5trC
Static task
static1
Behavioral task
behavioral1
Sample
Policy_Document.iso
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
Policy_Document.iso
Resource
win10v2004-20220812-en
Behavioral task
behavioral3
Sample
Policy-Document.exe
Resource
win7-20220812-en
Malware Config
Extracted
bitrat
1.38
yakbitpeople.duckdns.org:9175
communication_password
827ccb0eea8a706c4c34a16891f84e7b
tor_process
tor
Targets
Target
Policy_Document.img
Size
300.6MB
MD5
19e831afa686bf2cacba9335279e316d
SHA1
03fefba6592583c218f00b4bb2b4c0df230402ff
SHA256
edf8a1adc604e52d333db94fa73e293c251a2cc02568237a46632081b3c98df8
SHA512
4a636f98b9c517df7bce363f398e03e413be9174d1990aba0b1dfbf55ac961eb248ed22c7e6adba5697888fcd380bb0425f449599e5d9a52e10849b3b61ab1d1
SSDEEP
49152:RlGseaGadVfAkb26C9oFuQ5lg0FlN7mjH:dGadtHFF5gyvmjH
Score
3/10
Target
Policy-Document.exe
Size
300.0MB
MD5
8a6c934a28abfd03fa9f259a7ced202d
SHA1
1d623700b282fcb94b691c8e6d5473fdac5e3f3e
SHA256
47c38d37274d645b491b7cff7b298049054c18b3ad95064a3b241163a4198106
SHA512
3a51c39eeafbac5f40468118f569dbdc66d76b2fe45376e1d9a0a26c7003a98315457bb06bb68228a75d54d3e18a6c55404d4c3032e1230b32773c61ba5efc3a
SSDEEP
49152:qlGseaGadVfAkb26C9oFuQ5lg0FlN7mjH:OGadtHFF5gyvmjH
Executes dropped EXE
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext