Extracted

• • Target

    CYFXHBF.html

  • Size

    1.4MB

  • MD5

    cd8b3a29d0d7ef90d4110e5db4f1ab31

  • SHA1

    24a001db4ba57bc94daf903299536a9ce0263bad

  • SHA256

    6d84e678810bd95fca73f9ca132b8f8748da8440a45a33bd8923ffe10d26eadb

  • SHA512

    87a0a7e26a64d27d56343bb033707b9936e2330b043da9ba8914c5e2f9945047c322cdcc181ba55144e802f69f328abaa9ef612acd0cecb5154d2c92c98c4a1d

  • SSDEEP

    24576:7ndRKZCy2BrhCeU2i2cJijFbCBTPmiY05tJMSQp5ysA7Yg1nLkzxcy9uuk2Nvv:zXDFBU2iIBb0xY/6sUYYk9nhxv

  Score

  10^/10

  bitrattrojanupx

  • BitRAT

    BitRAT is a remote access tool written in C++ and uses leaked source code from other families.

    trojanbitrat

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx

  • Suspicious use of NtSetInformationThreadHideFromDebugger

  behavioral1behavioral2

• • Target

    out.upx

  • Size

    3.8MB

  • MD5

    c6baffc3f78783d0f39aa362a1f549f5

  • SHA1

    c904fe72f4cfb42c12ac2869c385a66061023feb

  • SHA256

    8a3e46e4ed2c6740243393f8b94efabc1e183ef4be2079559a63c67b94aa6463

  • SHA512

    f21ac5a55cb297656c4ef75dd63fdda3de30c9074bb3b7a5afb0de8a62217104f49e7c8b7295c24df7899932e5f3d598ab59319a3bf2886a941f86c39ea6e2fe

  • SSDEEP

    98304:m77Pmq33rE/JDLPWZADUGer7B6iY74M/jmlwXVZ:Y+R/eZADUXR

  Score

  3^/10
  behavioral3behavioral4