General
-
Target
chthonic_1.0.0.0.vir
-
Size
108KB
-
Sample
200719-1sm7s1ez52
-
MD5
4fedceb3fef8b8addd7b34b3cae72700
-
SHA1
0d688c4a150368ba01513aa816ff524d223aaa79
-
SHA256
95f698955cf8a1adf8991085da2c45f4441e0423b7db42aae3dc0dd6c4dfaa28
-
SHA512
b8fd269d0876de12bbb5c9ad0d407d3f08c2778c320fdb2443a2a8efcaa17044fbf46a7f419de5d526ac86cce04db6f86e8223c832c0cdc1c26abd4249f90ff0
Static task
static1
Behavioral task
behavioral1
Sample
chthonic_1.0.0.0.vir.exe
Resource
win7
Behavioral task
behavioral2
Sample
chthonic_1.0.0.0.vir.exe
Resource
win10v200430
Malware Config
Targets
Deletes itself
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, and it can be used as a sandboxing environment.
-
Suspicious use of SetThreadContext
-