General
Target: rOrdinen_487685934GIANCARLOC_s_r_lconvulsional.bat
Size: 7KB
Sample: 240626-za94casbqe
MD5: e10969ce40099c5ac570b221d3ec6517
SHA1: c1c2f30a7e7bfede1608e27cbe925f09525e1459
SHA256: acf265447a05d1483e012d7051cfe22f336146b2cff6218453440923fd6d8c83
SHA512: d7c3785b4098cf2a45f08cbfe7a5a0e272d2f02e273f2b05da9d050d01019fad671a3fdd9a6c710434c9f43a141a6154bcce64dcface6696ca173ab23ee30923
SSDEEP: 192:3+g9OFNNtGLqR4AifzVZrlhddjQEXpdq6P1zoK/J8e7I63iLAn:OZFRG1AibRdjQEXaSBx8ypn
Static task: static1
Behavioral task: behavioral1
Sample: rOrdinen_487685934GIANCARLOC_s_r_lconvulsional.bat
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: rOrdinen_487685934GIANCARLOC_s_r_lconvulsional.bat
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: rOrdinen_487685934GIANCARLOC_s_r_lconvulsional.bat
Score: 10/10
Blocklisted process makes network request
Adds Run key to start application
Suspicious use of NtCreateThreadExHideFromDebugger
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext