General
Target
citadel_1.1.4.0.vir
Size
11.1MB
Sample
200719-wc2mv3rf8j
MD5
485b3bf3e7b06079c98646596be7850f
SHA1
2e1796209101fc11708433f69df91631519a55f8
SHA256
4a6a8f6c1322b7422ba3d72fc223860d0be9073cde27bcfe5365f8135f1ae441
SHA512
183b25e5da8bf3f21ff3fb0953545f7fa31e83bd13d7d1f309f6ebc94c14de9f0f965ff1c112550f5e2ab0565f3bd2fc930dce4b1a5c12a1985a55ebd87120f0
Static task
static1
Behavioral task
behavioral1
Sample
citadel_1.1.4.0.vir.exe
Resource
win7
Behavioral task
behavioral2
Sample
citadel_1.1.4.0.vir.exe
Resource
win10v200430
Malware Config
Targets
Score
8/10
Executes dropped EXE
Deletes itself
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext