General
-
Target
Desktop.rar
-
Size
123.4MB
-
Sample
250125-cqdnrazqet
-
MD5
b41458c63a2fe7957fb5f153df96c1ca
-
SHA1
83b0206c507666c0601163f9fd7194b2ad2aa239
-
SHA256
91f54df9ad8f7c57351933109a90419e4865589d5a254879b6a4ad3a4699c1dc
-
SHA512
6b5641702e3e05d2cea1b07078a31da230888d3cbd976f79f2d90768cc8d9cec078da8b7bc51dbfe2acefd84b46c7a22d65ca0580a21b25999e687eacba64c61
-
SSDEEP
3145728:bcEX9eT95UvvKQaGO8v39B/MgXA+5mY7f:39S5U6zObyJY7f
Behavioral task
behavioral1
Sample
Desktop.rar
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
Desktop.rar
-
Blackshades family
-
Blackshades payload
-
Modifies firewall policy service
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks whether UAC is enabled
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-