General
-
Target
b13c23ba543d6cc3be5193435fa78b265ee98904ea2ad37f7922904cc5092cdd
-
Size
5.0MB
-
Sample
230129-x6m8caah39
-
MD5
89c51019b03c22388a5cde47dd1529ec
-
SHA1
c5734ca43306e8c84d10bc6f259c75f43255720a
-
SHA256
b13c23ba543d6cc3be5193435fa78b265ee98904ea2ad37f7922904cc5092cdd
-
SHA512
bd7b1e7d0dfb0639f66e6c8f3151b0e96c4107b7e6babf0a3e9e13ae1e668967deeb32408508311e9d84224af5fbd91070bd5f24d8c55c6d734efbf5b3dfe30f
-
SSDEEP
98304:0GQfVpTU4CxukRPMwMMD5KFPcldTkLSRHhyn5FwR+OJ1IH5iL1EauPw1z:XWHEJRd7YUdCSryn7yIwF6+
Static task
static1
Behavioral task
behavioral1
Sample
b13c23ba543d6cc3be5193435fa78b265ee98904ea2ad37f7922904cc5092cdd.exe
Resource
win7-20221111-en
Malware Config
Extracted
bitrat
1.34
185.157.162.234:54262
-
communication_password
2bb232c0b13c774965ef8558f0fbd615
-
tor_process
tor
Targets
-
-
Target
b13c23ba543d6cc3be5193435fa78b265ee98904ea2ad37f7922904cc5092cdd
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-