General

  • Target

    995e93cb625f8495aaacca762984f75cd51d4b83dab87530ab52cd6feb71f18f

  • Size

    1MB

  • Sample

    220531-acazlabffm

  • MD5

    559b52aec4d01ff74368792a609ed93e

  • SHA1

    26ae28b5a0db5310eb73b4c8876e36b5b757ef7f

  • SHA256

    995e93cb625f8495aaacca762984f75cd51d4b83dab87530ab52cd6feb71f18f

  • SHA512

    e4360d91b7b95e14632c321796ffad6367b6ebf795fd3d559fbac3b79eadcfd7eeec0994db8567840324da61d97b07729aa9ef8f5f83d856e04d1769453b4093

Score
10/10

Targets

    • Target

      IMG_4119.SCR

    • Size

      905KB

    • MD5

      060cbc77c20d140b7ad9f90fd58d45c3

    • SHA1

      f39d0f1ecb50884c69e81b2fd8f66c4b1d5c5cf4

    • SHA256

      550615c0ae5984a323c65110142b7730c87cd0b4bdc6ff13052983ba8a6ec7ff

    • SHA512

      525b3beb849c77b132eb77ea1424605b48d5406a5f93a7f10a13b7837e8c7f363ecca7a7b71169114386679a4dc98077a372461dbf43e062c56e116b4f350fe1

    Score
    10/10
    • CoreEntity .NET Packer

      A .NET packer, tracked as CoreEntity, that stores its payload inside an embedded Bitmap object and decrypts it at runtime.

    • ReZer0 packer

      Detects ReZer0, a packer with multiple versions that has been used in various campaigns.

    • Suspicious use of SetThreadContext

      SetThreadContext on a thread belonging to another process is the execution-redirection step of process hollowing (RunPE): the child is created with CREATE_SUSPENDED, its image is overwritten with WriteProcessMemory, the thread context is rewritten, and the thread is then resumed. When triaging this hit, confirm the surrounding sequence (suspended CreateProcess, writes to the same child, ResumeThread) rather than treating the single call as conclusive.
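The CoreEntity detection above describes a payload carried inside a Bitmap object. The following is an added example, not code from the report or from the packer, showing the general "blob in the pixel area" container technique an analyst has to undo: build a 24-bpp BMP whose pixel rows carry a length-prefixed blob (the packer side), then parse the headers and strip the per-row padding to recover it (the analyst side). The XOR key, the length-prefix layout and the fake MZ payload are all assumptions made for the example; the report does not state how CoreEntity actually encodes or encrypts its payload.

```python
import struct

# Hypothetical XOR key chosen for this example; the report only says the
# Bitmap is "later decrypted" and does not name the cipher or key.
XOR_KEY = b"k3y"

# Constructed stand-in for an unpacked payload: an MZ signature plus filler bytes.
PAYLOAD = b"MZ" + bytes(range(256))


def xor(data: bytes, key: bytes) -> bytes:
    """Repeating-key XOR; used both to 'encrypt' the constructed sample and to undo it."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def build_bmp(blob: bytes, width: int = 5) -> bytes:
    """Emulate the packer side: write a 4-byte length prefix plus `blob` into the
    pixel area of a 24-bpp BMP. Rows are padded to 4-byte boundaries as the format
    requires, which is why a naive 'skip the header' extractor loses bytes."""
    body = struct.pack("<I", len(blob)) + blob
    row_bytes = width * 3
    stride = (row_bytes + 3) & ~3
    height = -(-len(body) // row_bytes)           # ceiling division
    pixels = bytearray()
    for r in range(height):
        row = body[r * row_bytes:(r + 1) * row_bytes].ljust(row_bytes, b"\0")
        pixels += row + b"\0" * (stride - row_bytes)
    offset = 14 + 40                               # BITMAPFILEHEADER + BITMAPINFOHEADER
    file_header = struct.pack("<2sIHHI", b"BM", offset + len(pixels), 0, 0, offset)
    info_header = struct.pack("<IiiHHIIiiII", 40, width, height, 1, 24, 0,
                              len(pixels), 2835, 2835, 0, 0)
    return file_header + info_header + bytes(pixels)


def extract_bmp_payload(bmp: bytes) -> bytes:
    """Analyst side: parse both headers, walk the pixel rows without their padding,
    and return the length-prefixed blob. Row order is taken as stored in the file,
    matching build_bmp; a packer that writes through System.Drawing may store rows
    bottom-up, in which case reverse `rows` before joining."""
    magic, _size, _res1, _res2, offset = struct.unpack_from("<2sIHHI", bmp, 0)
    if magic != b"BM":
        raise ValueError("not a BMP container")
    _hdr, width, height, _planes, bpp = struct.unpack_from("<IiiHH", bmp, 14)
    if bpp != 24:
        raise ValueError(f"unsupported bit depth {bpp}")
    row_bytes = width * 3
    stride = (row_bytes + 3) & ~3
    rows = [bmp[offset + r * stride: offset + r * stride + row_bytes]
            for r in range(abs(height))]
    body = b"".join(rows)
    (length,) = struct.unpack_from("<I", body, 0)
    if 4 + length > len(body):
        raise ValueError("length prefix exceeds pixel data")
    return body[4:4 + length]


def recover_payload(bmp: bytes, key: bytes = XOR_KEY) -> bytes:
    """Extract, decrypt, and sanity-check that the result starts with an MZ header."""
    plain = xor(extract_bmp_payload(bmp), key)
    if plain[:2] != b"MZ":
        raise ValueError("decrypted blob is not a PE image: wrong key or layout")
    return plain


if __name__ == "__main__":
    container = build_bmp(xor(PAYLOAD, XOR_KEY))
    recovered = recover_payload(container)
    print(len(container), "byte BMP ->", len(recovered), "byte payload, MZ header present")
```

The MZ check at the end is the cheap sanity test worth keeping in any unpacking script: with the wrong key or the wrong row order the decrypted bytes are noise, and failing loudly there is better than handing a corrupt blob to the next stage.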

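The SetThreadContext signature above only fires on one API call. The following is an added example, not code from the report or the sandbox that produced it, showing the sequence check a practitioner would run over an API-call trace to confirm process hollowing: a child created with CREATE_SUSPENDED, written to by its creator, given a new thread context, and then resumed. The JSON-lines trace format, the field names (`pid`, `api`, `args`, `child_pid`, `target_pid`), the pids and the image paths are all constructed for this example; a real sandbox trace will need a small adapter to this shape.

```python
import json

CREATE_SUSPENDED = 0x00000004   # dwCreationFlags bit from the Win32 API

# Constructed API-call trace in a JSON-lines shape; this is NOT output from the
# report page's sandbox, and the pids, paths and field names are assumptions.
# pid 1000 performs the full hollowing sequence against child 2000;
# pid 3000 creates a suspended child and simply resumes it (benign-looking).
SAMPLE_TRACE = r"""
{"pid": 1000, "api": "CreateProcessW", "args": {"lpApplicationName": "C:\\Windows\\System32\\notepad.exe", "dwCreationFlags": 4}, "child_pid": 2000}
{"pid": 1000, "api": "GetThreadContext", "args": {"target_pid": 2000}}
{"pid": 1000, "api": "NtUnmapViewOfSection", "args": {"target_pid": 2000}}
{"pid": 1000, "api": "WriteProcessMemory", "args": {"target_pid": 2000, "size": 512}}
{"pid": 1000, "api": "WriteProcessMemory", "args": {"target_pid": 2000, "size": 4096}}
{"pid": 1000, "api": "SetThreadContext", "args": {"target_pid": 2000}}
{"pid": 1000, "api": "ResumeThread", "args": {"target_pid": 2000}}
{"pid": 3000, "api": "CreateProcessW", "args": {"lpApplicationName": "C:\\Windows\\System32\\cmd.exe", "dwCreationFlags": 4}, "child_pid": 4000}
{"pid": 3000, "api": "ResumeThread", "args": {"target_pid": 4000}}
"""

WRITE_APIS = {"WriteProcessMemory", "NtWriteVirtualMemory"}
CONTEXT_APIS = {"SetThreadContext", "NtSetContextThread", "Wow64SetThreadContext"}
RESUME_APIS = {"ResumeThread", "NtResumeThread"}


def detect_hollowing(trace_lines):
    """Return one finding per child process that was created suspended, written to,
    had a thread context rewritten, and was then resumed, all by its creator."""
    pending = {}      # child_pid -> {"parent": pid, "writes": int, "context": bool, "image": str}
    findings = []
    for line in trace_lines:
        line = line.strip()
        if not line:
            continue
        ev = json.loads(line)
        pid, api, args = ev["pid"], ev["api"], ev.get("args", {})

        if api.startswith("CreateProcess") and args.get("dwCreationFlags", 0) & CREATE_SUSPENDED:
            pending[ev["child_pid"]] = {"parent": pid, "writes": 0, "context": False,
                                        "image": args.get("lpApplicationName")}
            continue

        state = pending.get(args.get("target_pid"))
        if state is None or state["parent"] != pid:
            continue                      # not touching one of its own suspended children

        if api in WRITE_APIS:
            state["writes"] += 1
        elif api in CONTEXT_APIS:
            state["context"] = True
        elif api in RESUME_APIS:
            child = args["target_pid"]
            if state["writes"] and state["context"]:
                findings.append({"parent_pid": pid, "child_pid": child,
                                 "image": state["image"], "writes": state["writes"]})
            del pending[child]            # once resumed, later writes are a different pattern
    return findings


if __name__ == "__main__":
    for f in detect_hollowing(SAMPLE_TRACE.splitlines()):
        print(f"hollowing: pid {f['parent_pid']} -> {f['child_pid']} ({f['image']}), "
              f"{f['writes']} write(s) before SetThreadContext/ResumeThread")
```

Requiring the writes and the context change to come from the creating process, and only counting them before the resume, is what keeps the rule from firing on debuggers and on installers that legitimately start a child suspended and resume it untouched, as the second process in the constructed trace does.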