General
Target: citadel_1.3.4.0.vir
Size: 144KB
Sample: 200719-rax8tefjzx
MD5: d19f137ed4625db20e660bde8f04d423
SHA1: 96d7a2903df9727c4db018e384505d15186b53a3
SHA256: f1c63b15b0244a6f956cdbfc811d1990be99f8e5fa4027403b4f1aaf1de312a2
SHA512: 04ac65fbc7cb38b37b98057ed9136b35c1eedbafa93c82262a6d07fa894131fd66f034f4aa6e578285a4aa499a407ceb5cdc8bc0c82a5f34d08d340a84ee57ef
Static task: static1
Behavioral task: behavioral1
Sample: citadel_1.3.4.0.vir.exe
Resource: win7
Behavioral task: behavioral2
Sample: citadel_1.3.4.0.vir.exe
Resource: win10v200430
Malware Config
Targets
Score: 8/10
Executes dropped EXE
Deletes itself
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext