General
-
Target
SENTENCIA DE TUTELA RAD 2022-00181.exe
-
Size
5.2MB
-
Sample
221007-htsjzacaer
-
MD5
9d8aef46c65ac3cf2e76b2631c2f1735
-
SHA1
79596407af97b5b20bb7f403088dcd364140443b
-
SHA256
fd7236a8ae99516f4906d007b5e2e5738d19d849ba7dff66723c6e9b60f7d68d
-
SHA512
e5b73a35c19894fb82ab5dd2be5df2087d6c1930d2753cf9c9a1c5ec2d1daf033ef8b9f1b1ff15592cf070c673b24784ffa854c9898fc8b6a7b06776a6763eb8
-
SSDEEP
24576:QKPV0sGZSILwa6Y9UfUMSR9iUFqNLcrLfQkF2uU5J9VF/08ixUoNQhGnD58fKj7h:+RLy/tvbVRWPKmEgmcKb8n/
Static task
static1
Behavioral task
behavioral1
Sample
SENTENCIA DE TUTELA RAD 2022-00181.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
SENTENCIA DE TUTELA RAD 2022-00181.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
bitrat
1.38
bendiciones5.con-ip.com:7777
-
communication_password
202cb962ac59075b964b07152d234b70
-
install_dir
AppData
-
install_file
Discord.exe
-
tor_process
tor
Targets
-
-
Target
SENTENCIA DE TUTELA RAD 2022-00181.exe
-
Size
5.2MB
-
MD5
9d8aef46c65ac3cf2e76b2631c2f1735
-
SHA1
79596407af97b5b20bb7f403088dcd364140443b
-
SHA256
fd7236a8ae99516f4906d007b5e2e5738d19d849ba7dff66723c6e9b60f7d68d
-
SHA512
e5b73a35c19894fb82ab5dd2be5df2087d6c1930d2753cf9c9a1c5ec2d1daf033ef8b9f1b1ff15592cf070c673b24784ffa854c9898fc8b6a7b06776a6763eb8
-
SSDEEP
24576:QKPV0sGZSILwa6Y9UfUMSR9iUFqNLcrLfQkF2uU5J9VF/08ixUoNQhGnD58fKj7h:+RLy/tvbVRWPKmEgmcKb8n/
Score10/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-