General

  • Target

    po.exe

  • Size

    541KB

  • Sample

    210503-6fbmhaxfc6

  • MD5

    7e1096d0fedac6c88a4f58eefcf1e92b

  • SHA1

    fd6292bbb0286425e6be104b2156b173261ac740

  • SHA256

    9d5a4507ca16ca47315c7b7f58279cf23bbb9ffda2340367130d1d5b2d00740e

  • SHA512

    b32d13ce536e54dae40327557ddf6b215cc186b7dd60a423aaf7ab28d87cba2991ef95b898496b2ea1994ae1e6bb6a77bd8861564d849ba37837da29758dc14c

Score
8/10

Targets

    • Target

      po.exe

    • Executes dropped EXE

    • Loads dropped DLL

    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

    • Suspicious use of SetThreadContext
