General
Target: nbitt9090.bin.zip
Size: 1.4MB
Sample: 221109-kwahaaghhk
MD5: 4e491958d2940f509d1b898a9f956c09
SHA1: 1de1a56c98e734a09d36cab3338886a3aa414c9d
SHA256: 353e4d8c85a452dcdd44cd027869277587735b6e9bc2dd5f1d31c84a0e8f3134
SHA512: b271e41a399ed37e1eb8cf736461bf6f84119c471ab96c83825309317073b9c7a28ee75884e122d0da5a0e4c63d6532f41ae89a02bb2f5e6af5ef27199e193bd
SSDEEP: 24576:nzcq9Fvyc0fF2sEujGkJgwT0WKtWAuUM7OFPmXAlF6CuRotwEMQI2JXo71POf:zBjwF2sEIGk+kyKC0nGCEU371M
Behavioral task: behavioral1
Sample: nbitt9090.exe
Resource: win7-20220901-en
Malware Config
Extracted
bitrat
1.38
bit9090.duckdns.org:9090
communication_password: e10adc3949ba59abbe56e057f20f883e
tor_process: tor
Targets
Target: nbitt9090.bin
Size: 1.4MB
MD5: d2d601c4f27a42233076ebc6e05f07f0
SHA1: 5a0b561f883b88ca3d4d9bdba5143f103ea83d14
SHA256: dc9fcc38f0fad625bdd15fa418178cbcd8783e8c66bccf1bd300ead64c9e05eb
SHA512: f28db947332f2151de3a7b24101788afaeb3a00a63221dd20b745bd4ffe1ca495c6a4ac148ff8925635b720ae7c8bc586ab697622097a78a0e2588aa9d70b077
SSDEEP: 24576:wndRKZCy2BrhCeU2i2cJijFbCBTPmiY05tJMSQp5ysA7Yg1nLkz0l2GiY:yXDFBU2iIBb0xY/6sUYYnEY
Suspicious use of NtSetInformationThreadHideFromDebugger