General
Target: c81ea002e9f2ba699dffb21967cae71cb69f752e68b5685e427593312115d2d5
Size: 229KB
Sample: 221124-x4hvvadh47
MD5: c47aa987badb19d02a57f926328fed40
SHA1: c697522e3380c705e34729f6f46c9d41e1e607a0
SHA256: c81ea002e9f2ba699dffb21967cae71cb69f752e68b5685e427593312115d2d5
SHA512: 0495f79649eda3677d3f5838e09e9453a74d591e7df3b4e4aa1e5c5d4b9cb093eed1fb9fe9ed6bd3eb3a98ddec3158f8302f5e3def02240bf423617a8bdc27cf
SSDEEP: 6144:0f98xp0yoxVwuvbGVG2yE9QvepAjkTlFLAw:OQpYiuvbGw0yEAjkTPd
Static task: static1
Behavioral task: behavioral1
Sample: sita.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: sita.exe
Resource: win10v2004-20221111-en
Malware Config
Targets
Target: sita.exe
Size: 331KB
MD5: a01b9095e1c5b24279bf4b8587f0f156
SHA1: 1acb07c459f20bbfb7aaa8289b63bba5eda7bb2c
SHA256: 34b2479724a8efe6d04236305e15342378dca7ff5677a48b2943404b36e229fe
SHA512: f52c9f3263ac04ba803c0d564c6285adc80b4e84c95ccf88ca4812994fa82a60d65a7be6671ac762c0ec693c10b051e0733aa63689dad7e356ff0fda713f0b50
SSDEEP: 6144:qlBswxp0yoxVGuvM/OHgyGFVzC+j5wGuGGbGmGOG2yG+GXGkGuGGpGGIGGHGGjGM:qlZpYMuvMKvGFVx2Wvo
Score: 10/10
Modifies WinLogon for persistence
Uses the VBS compiler for execution
Suspicious use of SetThreadContext