General
-
Target
24fe6412893abef12251d0c0cb59beaf40cdc34ce8c70ff766e4d9444a6f6186.exe
-
Size
10KB
-
Sample
221208-n2wt9ach3w
-
MD5
9c21d2bd9e8db420cd94a03a00dfdba4
-
SHA1
2f90b847dda5638552a3a5fb01ee28ea6bf82245
-
SHA256
24fe6412893abef12251d0c0cb59beaf40cdc34ce8c70ff766e4d9444a6f6186
-
SHA512
58e4a7c75b41b8551bec5085bc6148ea58c1873981dd6e872b261037d34b15b5ffeccb5babbcb9d756702cccab257a6ebd4c3e9394b843d7b9f94f8a204ab8a6
-
SSDEEP
96:fPdkus9rUrOeM+Jn2JUHBOYOlkIy6KUwTTgJMRqI6ruuuVFr3333KnpMwKFnU:fP29rUrBM82YjOeJ1TTgJMRqIcuuu6/
Static task
static1
Behavioral task
behavioral1
Sample
24fe6412893abef12251d0c0cb59beaf40cdc34ce8c70ff766e4d9444a6f6186.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
24fe6412893abef12251d0c0cb59beaf40cdc34ce8c70ff766e4d9444a6f6186.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
bitrat
1.38
37.139.128.233:3569
-
communication_password
ce952068942604a6d6df06ed5002fad6
-
tor_process
tor
Targets
-
-
Target
24fe6412893abef12251d0c0cb59beaf40cdc34ce8c70ff766e4d9444a6f6186.exe
-
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-