General
-
Target
Backdoor.Win32.IRCNite.ihg5616c57686191e6c65808ffe8a436e8d1476b1f6c0765efdb887498b86d4d446.bin
-
Size
112KB
-
Sample
230507-gy9hlshg5s
-
MD5
438c80fc376c0e3d3379ffec5a3bcd74
-
SHA1
6da1a89fbe0df57349bbc670af8f82deecb510b9
-
SHA256
5616c57686191e6c65808ffe8a436e8d1476b1f6c0765efdb887498b86d4d446
-
SHA512
87b6bbfd988ce9d398d2d5ac2c75c02b040760120bf0d276dd790adb0497fb330f4f98c76afed8ed3ff6e6541d9442bf0c4ee52c236f43cb601dce7042fcc56f
-
SSDEEP
1536:jJg+WBW+f5bB77w0DSnVZsGw+14IUTGReGpBM9FTLPfpXwvdJic5a5a5n:jhLYZB77w0AZsGYIJVpEtjBpB5in
Static task
static1
Behavioral task
behavioral1
Sample
Backdoor.Win32.IRCNite.ihg5616c57686191e6c65808ffe8a436e8d1476b1f6c0765efdb887498b86d4d446.exe
Resource
win7-20230220-en
Malware Config
Targets
-
-
Target
Backdoor.Win32.IRCNite.ihg5616c57686191e6c65808ffe8a436e8d1476b1f6c0765efdb887498b86d4d446.bin
- Modifies WinLogon for persistence
- Modifies firewall policy service
- Modifies security service
- Drops startup file
- Adds Run key to start application