General
Target: 31d6605b949dcdc84f3e423ca7a1c6f465a26f2bced375c3b697bc116b9eb3f1
Size: 950KB
Sample: 211216-xzjataddhq
MD5: 48fa43c77f5335a1767851f173e2a2b5
SHA1: b8175d4e335f44fd8ee65002087ccafea89fabe8
SHA256: 31d6605b949dcdc84f3e423ca7a1c6f465a26f2bced375c3b697bc116b9eb3f1
SHA512: 0e6ad438e968ac1ac9bb0edaa0ab46705c1a22b94a34e5465c69d4ab2325adf0b3c787ccfb32c4088b92fd9a585edbeef121f3c0f549e6dde0242104b69791ea
Static task: static1
Behavioral task: behavioral1
Sample: 31d6605b949dcdc84f3e423ca7a1c6f465a26f2bced375c3b697bc116b9eb3f1.exe
Resource: win10-en-20211208
Malware Config
Targets
Target: 31d6605b949dcdc84f3e423ca7a1c6f465a26f2bced375c3b697bc116b9eb3f1
Score: 8/10
Executes dropped EXE

Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

Suspicious use of SetThreadContext