General
-
Target
citadel_1.2.4.0.vir
-
Size
630KB
-
Sample
200719-hqkxhhezxe
-
MD5
f5b434f9ad53bac3bd1af814bbe73fc5
-
SHA1
12a5100c1217b847c2177c3dc47efc233b188a2f
-
SHA256
54d67f153de6ba73daf1b037057cf5c0550cfb6c0aee53c5d5119a9a3647b300
-
SHA512
ac64540501f8555cce3e2eb3f85b8c23ddf57d413d5b3d7c14274d46e2499c7667c14cfadeb36f803f05dadf1b33fd2049d5a29bb90fd12f9a6eaed988f91442
Static task
static1
Behavioral task
behavioral1
Sample
citadel_1.2.4.0.vir.exe
Resource
win7v200430
Behavioral task
behavioral2
Sample
citadel_1.2.4.0.vir.exe
Resource
win10
Malware Config
Targets
-
-
Target
citadel_1.2.4.0.vir
Score
8/10
-
Executes dropped EXE
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-