General
-
Target
COMPENSAR CAJA DE COMPENSION.exe
-
Size
1.1MB
-
Sample
221012-pe7hxaddhk
-
MD5
b01493fb1cefb476e5bbf97c29ebe6d6
-
SHA1
7099e9dd3b0d80fe7124c472e047a197e1059806
-
SHA256
2872ca3484a8648e82cd5563c9d40c6445752786b051e7457745244703415198
-
SHA512
9f0657ad445619276ed08f697687310d757f132074ded3061bfa3cc43e630fa5679efd9c4742edfa10f998715c9629270b9e6486bdfbe6aa83335802d8ca2ccd
-
SSDEEP
24576:GE71UCbOvs1lhp0ZrRz/+Fg3wJtyhCWjlfkUE59jbjv:V1UCp4xB/M7zyRjlsUE5Bfv
Static task
static1
Behavioral task
behavioral1
Sample
COMPENSAR CAJA DE COMPENSION.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
COMPENSAR CAJA DE COMPENSION.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
bitrat
1.38
bendicioneees.con-ip.com:7777
-
communication_password
202cb962ac59075b964b07152d234b70
-
tor_process
tor
Targets
-
-
Target
COMPENSAR CAJA DE COMPENSION.exe
-
Size
1.1MB
-
MD5
b01493fb1cefb476e5bbf97c29ebe6d6
-
SHA1
7099e9dd3b0d80fe7124c472e047a197e1059806
-
SHA256
2872ca3484a8648e82cd5563c9d40c6445752786b051e7457745244703415198
-
SHA512
9f0657ad445619276ed08f697687310d757f132074ded3061bfa3cc43e630fa5679efd9c4742edfa10f998715c9629270b9e6486bdfbe6aa83335802d8ca2ccd
-
SSDEEP
24576:GE71UCbOvs1lhp0ZrRz/+Fg3wJtyhCWjlfkUE59jbjv:V1UCp4xB/M7zyRjlsUE5Bfv
Score10/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-