697e0cf2e6636fff9b8cbece1e67cc5db6b0eb58aace6bafd7656874a9462f49 | Triage

Submit
Reports

Overview

overview

8

Static

static

fa35e20372...c4.exe

windows7_x64

8

fa35e20372...c4.exe

windows10_x64

7

Sharing

General

Target

fa35e20372326e5c1e12607df198b5c4.exe
Size

1.4MB
Sample

211202-tj34haddc7
MD5

fa35e20372326e5c1e12607df198b5c4
SHA1

a022779cbf0fca54ef969c8a86be95083f9e128d
SHA256

697e0cf2e6636fff9b8cbece1e67cc5db6b0eb58aace6bafd7656874a9462f49
SHA512

c24b55c429d6d77791ad3fca53685f9f2f72b336cdf4de62f95e10fb54c1f3e55cda511b78415bbba474131ce4fd9bc887d1086b30a557fb08207487541dd25e

Score

8^/10

agilenet

Static task

static1

Behavioral task

behavioral1

Sample

fa35e20372326e5c1e12607df198b5c4.exe

Resource

win7-en-20211104

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

fa35e20372326e5c1e12607df198b5c4.exe

Resource

win10-en-20211014

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  fa35e20372326e5c1e12607df198b5c4.exe
- Size
  
  1.4MB
- MD5
  
  fa35e20372326e5c1e12607df198b5c4
- SHA1
  
  a022779cbf0fca54ef969c8a86be95083f9e128d
- SHA256
  
  697e0cf2e6636fff9b8cbece1e67cc5db6b0eb58aace6bafd7656874a9462f49
- SHA512
  
  c24b55c429d6d77791ad3fca53685f9f2f72b336cdf4de62f95e10fb54c1f3e55cda511b78415bbba474131ce4fd9bc887d1086b30a557fb08207487541dd25e
Score

8^/10

agilenet
- Executes dropped EXE
- Obfuscated with Agile.Net obfuscator
  Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
  agilenet
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy