General
Target: cOOla_unban.exe
Size: 5.6MB
Sample: 231221-xgyb1sbegp
MD5: 6857f16046fd533188f28606ae7586ab
SHA1: 230bb3ad33960731a4ec637469197fe07d8c3234
SHA256: b3cbb74a4236bd44bb4bdc9d3ce5515a52abb470804de9949818d5d4989cacc5
SHA512: a5d8142c80d10cc9d5b4607ae6f6dffb5f96383e07194a226a575cf4c11b81730a57ea4c8423753c4cf7dc02cb2598fc2aafc0c4b0b695bd4c947921809ca3a6
SSDEEP: 98304:JYsLCpbM7aFsTiyrkrGKsSdYNTQqv5uCtL2FdIjt4+gpitlCqg67g7xLxRWY:esL8bMRjrPKsSez5uIjVgpIlCq7g7XR5
Malware Config
Targets
Target: cOOla_unban.exe
Stops running service(s)
Suspicious use of NtSetInformationThreadHideFromDebugger