Release.rar

General
Target: Release.rar
Size: 6MB
Sample: 210223-bzvba4pd92
Score: 8/10
MD5: 8ea778c7e9ca6673885fb5f0bef885d9
SHA1: 0a518415e2998ff43e7649b068eaf6623f7e8046
SHA256: e0d71bb96f69a7709fcd9d0b86897e1d07cdea0494c3be4d00ae047fd90237a4
SHA512: 33457622b7d88c7f6f90e599c8ac26fce1e88e0b839f8e49d9115f53e7855c373bc2d474db0b013307ffab5766b20a4e9b6e326f5526a3828c1ce947a26a20af

Malware Config
Targets
Target: .exe
MD5: 425c4a84cdb904690c64acfcb47c7816
Filesize: 5MB
Score: 8/10
SHA1: e6b25f9de8f79563230d54cb3bb93c22ee6f3cbb
SHA256: 24f19da01be191513b2f309733f46110d4fa04a5b97d4a057ff10a49b70b2c95
SHA512: 7e25bc97873c9f742132995c46aacbb5c24cb7e5fa8422cfa3f3be2dbbae6f45c3bef806d1357352622ad57e394cd9593972197b8695e02afc84f11c5ceed670

Tags

Signatures

  • Stops running service(s)
    TTPs: Modify Existing Service, Service Stop
  • Suspicious use of NtSetInformationThreadHideFromDebugger

Related Tasks

MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Privilege Escalation

Tasks
static1: 8/10
behavioral1: 8/10
behavioral2: 8/10