Triage | Malware sandboxing report by Hatching Triage

Sharing

General

Target

7e9d53d6d6b786073ac8e4f1ae11f511a4cf0f58d762f4024030e20fc058f770
Size

7MB
Sample

221128-esttvshh5x
MD5

da78aca4078f309e3ade254cb5ed456b
SHA1

846ced383017d61753f3fdb759a503b8e5ba6809
SHA256

7e9d53d6d6b786073ac8e4f1ae11f511a4cf0f58d762f4024030e20fc058f770
SHA512

1a018872bc280ea876e5a81a8340cb16aef25530de4ebd408223fb7c930553fa7ff2be6000193420db9201d21b7244da933190f7fda7d7799cb233b66a009235
SSDEEP

196608:i4njdv/crTJuQUT7cu8bhuPvEwqQBeLmM043lVQB+2nfPewx:XcxuL72hufc043z2fPewx

Score

10^/10

coreentity

Malware Config

Targets

- Target
  
  7e9d53d6d6b786073ac8e4f1ae11f511a4cf0f58d762f4024030e20fc058f770
- Size
  
  7MB
- MD5
  
  da78aca4078f309e3ade254cb5ed456b
- SHA1
  
  846ced383017d61753f3fdb759a503b8e5ba6809
- SHA256
  
  7e9d53d6d6b786073ac8e4f1ae11f511a4cf0f58d762f4024030e20fc058f770
- SHA512
  
  1a018872bc280ea876e5a81a8340cb16aef25530de4ebd408223fb7c930553fa7ff2be6000193420db9201d21b7244da933190f7fda7d7799cb233b66a009235
- SSDEEP
  
  196608:i4njdv/crTJuQUT7cu8bhuPvEwqQBeLmM043lVQB+2nfPewx:XcxuL72hufc043z2fPewx
Score

10^/10

coreentity
- CoreEntity .NET Packer
  A .NET packer called CoreEntity where it has embedded the payload as a BitMap object which is later decrypted.
  coreentity
behavioral1 behavioral2

MITRE ATT&CK Matrix

Collection

Command and Control

Credential Access

Defense Evasion

Discovery

Query Registry

T1012

System Information Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

Tasks

static1

behavioral1

behavioral2