General
-
Target
chthonic_2.0.8.1.vir
-
Size
217KB
-
Sample
200719-l1bp8htl9s
-
MD5
c4b802049dbdf2bb8a299d68715fac43
-
SHA1
177aeba07cecfbffb1697e051a9d5b920965813a
-
SHA256
cc841ea2d1abc98b1e89294c3a0dbef1b04e58b4c9b6f4b0f9ad33adef1d1309
-
SHA512
3f93115f2fd801a427be5f0abf6880793e85d71c60df14c0e02db14a8548781b9811c689384c0c9fc706d5522e6b3158270e49106acad5fa522f06ccf046747a
Static task
static1
Behavioral task
behavioral1
Sample
chthonic_2.0.8.1.vir.exe
Resource
win7v200430
Behavioral task
behavioral2
Sample
chthonic_2.0.8.1.vir.exe
Resource
win10
Malware Config
Targets
-
-
Target
chthonic_2.0.8.1.vir
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Adds policy Run key to start application
-
Blacklisted process makes network request
-
Disables taskbar notifications via registry modification
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-