General
Target: citadel_1.3.2.0.vir
Size: 229KB
Sample: 200719-svlk6v8j6a
MD5: 8a5bf60e204356dff1029a4d10f7596b
SHA1: e0a17c6248f3dd599ab79552a83050c673857f72
SHA256: 118185aed4dd97bbf3fe28bebb075a67ca7dbf75dee24efa999e170ee13d0396
SHA512: 64253b1789adb4fa9faa37c0ac9bdbe792b2ec9112c2820efae8fb430e16822cf7861b0ff7b882818af24b37911a29b72caffaae306d7468e7a15dcbff5d54d0
Static task: static1
Behavioral task: behavioral1
Sample: citadel_1.3.2.0.vir.exe
Resource: win7v200430
Behavioral task: behavioral2
Sample: citadel_1.3.2.0.vir.exe
Resource: win10
Malware Config
Targets
Target: citadel_1.3.2.0.vir
Score: 8/10
Executes dropped EXE
Deletes itself
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext