General
-
Target
Circular de Resolución No. 2901..exe
-
Size
3.1MB
-
Sample
220915-tgzcjadef2
-
MD5
ef60fcaf6ddedd0a3fdb93732cca0902
-
SHA1
e71d10f577df8a6d111f3571079bdfb583f30f62
-
SHA256
9015e5c60b8bd504c8fb6eff20e85f022ab7bdef3209c8743d328f23c864ec39
-
SHA512
1435bb539c6156b4e7d9000fa4f4a64403a70397d18c17f74cd1be5eac0570e44e92df4edcc48ea2a20487c8cccfe71fa374b5c2a8e55e5df0e9c7c6d7fe7afc
-
SSDEEP
98304:l9QHRIEF7KhO2fZzDnUEZ3QiVkc8JcDv:QHvUuO6c8JcD
Static task
static1
Behavioral task
behavioral1
Sample
Circular de Resolución No. 2901..exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
Circular de Resolución No. 2901..exe
Resource
win10v2004-20220901-en
Malware Config
Extracted
bitrat
1.38
bendicion777.con-ip.com:7777
-
communication_password
202cb962ac59075b964b07152d234b70
-
tor_process
tor
Targets
-
Target
Circular de Resolución No. 2901..exe
-
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-