General
-
Target
b64d21aaa7c4d1b39c3210c505a356ae2b8f62546a4582aea9b8b4bde1331cd7
-
Size
6.9MB
-
Sample
240424-ccbbgaea4x
-
MD5
e173c05c4a3e872292b1f21e6d1a633a
-
SHA1
60c97091d291855e9dcd3757ddc3a78daae1ac18
-
SHA256
b64d21aaa7c4d1b39c3210c505a356ae2b8f62546a4582aea9b8b4bde1331cd7
-
SHA512
34acb6f310646af5ae973db4612e001ec2078a0c0f2758f9dafce18b34e5f703cedd3d316ed458bde47b9c31149e46fbddb16e2c0320e19e426389648828a5af
-
SSDEEP
98304:kb0PkiC5Sofp5XJdP/0Gu4STi94vlTKlrfxgLQFMjAe6shVJRzux84i:kYlMJdXS4STiqlTKlTyLKMkpsLvux8j
Static task
static1
Behavioral task
behavioral1
Sample
b64d21aaa7c4d1b39c3210c505a356ae2b8f62546a4582aea9b8b4bde1331cd7.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
b64d21aaa7c4d1b39c3210c505a356ae2b8f62546a4582aea9b8b4bde1331cd7
-
Orcurs Rat Executable
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-