Analysis
max time kernel: 129s
max time network: 130s
platform: windows7_x64
resource: win7-20231215-en
resource tags: arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
submitted: 22-12-2023 03:33

Static task
static1: 1 signature

Behavioral task
behavioral1: 2 signatures, 150 seconds
Sample: 5bdd2635f6b981280bec083763e798bd.exe
Resource: win7-20231215-en (windows7-x64)

Behavioral task
behavioral2: 2 signatures, 150 seconds
Sample: 5bdd2635f6b981280bec083763e798bd.exe
Resource: win10v2004-20231215-en (windows10-2004-x64)

General
Target: 5bdd2635f6b981280bec083763e798bd.exe
Size: 116KB
MD5: 5bdd2635f6b981280bec083763e798bd
SHA1: 29778139584ada46d54526d1f050372427a3c478
SHA256: 95bde79ddbc3907163d4fb2a47f8768e94d50c30e950db4f0f065a96fc01f41b
SHA512: 6be70f9731d3d84ca8456d805c4f9371dd5a933bdcf850d819a2ccd2192b075cb7f31571612d04fcfbf9cccbbc902bb3b8e60bb076748f8e805e87068e80afad
SSDEEP: 1536:vc+gjdZzGB9bQNMeHq5ixZGLgyBmK8zccAy5mE1biojuIaWDhMgzVkQGDax2U:vcPdZ+JsaVBzMhD9hxR
Score: 6/10
Malware Config

Signatures
Adds Run key to start application (2 TTPs, 1 IoCs)
description: Set value (str)
ioc: \REGISTRY\USER\S-1-5-21-3818056530-936619650-3554021955-1000\Software\Microsoft\Windows\CurrentVersion\Run\jnkfixo5za = "C:\\Users\\Admin\\AppData\\Local\\Temp\\5bdd2635f6b981280bec083763e798bd.exe"
Process: 5bdd2635f6b981280bec083763e798bd.exe
Uses Tor communications 1 TTPs
Malware can proxy its traffic through Tor for more anonymity.