General
-
Target
citadel_1.3.3.1.vir
-
Size
199KB
-
Sample
200719-negld6jh76
-
MD5
df96ba696553268ea03f8bfa555047a4
-
SHA1
ea937edc811b75a2949eb609d95bc53b031e63ed
-
SHA256
cf813a86d30ddd0c2ca59f73334fffd241bfd31eddfe30dc2e73d5b29ae752d1
-
SHA512
3ee228da9dcb7907c939ecebf417247b5b65dce22e92b642796de66f5fc8b7bc84bf658ffae0dab70f5f1cdbbc20df54ce89248a2d70e4dac54862b9a5ed8df3
Static task
static1
Behavioral task
behavioral1
Sample
citadel_1.3.3.1.vir.exe
Resource
win7
Behavioral task
behavioral2
Sample
citadel_1.3.3.1.vir.exe
Resource
win10v200430
Malware Config
Targets
Target
citadel_1.3.3.1.vir
Score
8/10
-
Executes dropped EXE
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-