General
Target: loader_patched_by_cypher.exe
Size: 8.6MB
Sample: 240302-3qavzaae21
MD5: c71b1d59edf0689bc03a41f7d7c91843
SHA1: 66e7c50307168b279d3d2acac9caeecad5283f52
SHA256: d552d463a5bdc43885b1cf4d86b9ed98c80fc877416729b84cf5d4986bec94c2
SHA512: 4954b97c5c330b9abf2ca87bbf77f76a8075cdb6008ee1610473f7872858827b58dce0cfb53f61a913781e8a9d6ab254da46308e5a734fc6b83559605973a698
SSDEEP: 196608:QPnlJvkC3OOXDLzFgyBRZahPDBlPreVr:Cnz3OcDLzFgy4hPDBt4
Behavioral task: behavioral1
Sample: loader_patched_by_cypher.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: loader_patched_by_cypher.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: loader_patched_by_cypher.exe
Score: 8/10
Sets service image path in registry
Suspicious use of NtSetInformationThreadHideFromDebugger