General

  • Target

    AnyDesk (1).exe

  • Size

    2.8MB

  • Sample

    210306-cpatdzrz1n

  • MD5

    08c999b2d02f9253c1320e8473245278

  • SHA1

    8191f2871c2badd42838e0a3b67aada5a35e2abd

  • SHA256

    9e4c02db3e8d6a633564d882eaf260e45769441a3c9fbdd02a40de36085bfb82

  • SHA512

    a5b2faf418ed90e5d75c898b95c2a9d748326325b02836523cc2ab486380af889ecc40099c6047a3d6bf99857a95da5edea69c574235cbf3ee940753ed4ecacb

Score
8/10

Targets

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Loads dropped DLL

    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
