General
-
Target
Twitch-Patcheur-30.2.1-Windows-Installer.exe
-
Size
346KB
-
Sample
240817-w6gj5atalm
-
MD5
ab09ac3114e7920de492f02c47489895
-
SHA1
bcb0127ab885aef339218be3abf20651632e728d
-
SHA256
f0ecd08d69bad177695b2874833106929ab2bf6832a8389b993f212da6cfc6ec
-
SHA512
bf0a427ed8feac16313a54bc450fe1543979902f056bb611b35f18cbcb925d8bed30c1c1a8ffaeb656d5d4ed949a21195b90a9c6084e9d8d5366a82b036a91f9
-
SSDEEP
6144:Bt5hBPi0BW69hd1MMdxPe9N9uA069TBkcOAF4fffNJmfg+O+j8kw7V8:Btzww69TWcHF4fffNJmfg+O+jfZ
Static task
static1
Malware Config
Targets
-
-
Target
Twitch-Patcheur-30.2.1-Windows-Installer.exe
-
Blocklisted process makes network request
-
Download via BitsAdmin
-
Possible privilege escalation attempt
-
Drops startup file
-
Modifies file permissions
-
Legitimate hosting services abused for malware hosting/C2
-