General
Target: chthonic_2.0.8.0.vir
Size: 175KB
Sample: 200719-vjz7qdc9yx
MD5: ceb583f418c8f2bb06966b9a5458d704
SHA1: 31bf98fbff22cb03604e2fc758575120f9915b2c
SHA256: 5f33dc16c573abca537ffb79f9135cc5ad143f410cb38f3d4c9adc94aeaf38df
SHA512: 41d1c03e8ee85adc9426bb4bf5af59c83cec7619f1b35c9b68011cae99b170646721d97c46eec649717ed3d860a1066b43bcb8485856cad69f776f0ae7f8cb27
Static task
static1
Behavioral task
behavioral1
Sample
chthonic_2.0.8.0.vir.exe
Resource
win7v200430
Behavioral task
behavioral2
Sample
chthonic_2.0.8.0.vir.exe
Resource
win10
Malware Config
Targets
Score 10/10
Modifies visibility of hidden/system files in Explorer
Adds policy Run key to start application
Blacklisted process makes network request
Disables taskbar notifications via registry modification
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.