Overview

overview

5

Static

static

a/R08iiKo0.exe

windows7-x64

1

a/R08iiKo0.exe

windows10-2004-x64

1

a/R3nzSkin.dll

windows7-x64

5

a/R3nzSkin.dll

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a.zip

  • Size

    396KB

  • Sample

    230201-pnhadadb52

  • MD5

    cf748fe2ad3747a0f4559ef8a8632359

  • SHA1

    c06ee60e79e041a8e139a2324788708ee14959f4

  • SHA256

    737fe0975855d45f46800126b8329c82d8c3b500038298acf052b425ec184759

  • SHA512

    948818d841b11554a02b1c1027c09d617e11c6dca2b52b0f7c30b66259a164c454c13dd91f22cba91777132da4ef0df14ff40e6ed7f074c444ad900893fcad12

  • SSDEEP

    6144:EeeEyOjOPkkiIhijklIUSzRhWwJ8dockyDfwum7Lr1VnSwPRCH:Ee/ypkki6IDNhfsUyLwu2lJw

Score
5/10

Malware Config

Targets

    • Target

      a/R08iiKo0.exe

    • Size

      141KB

    • MD5

      0082e7566254b628633413da792c0f17

    • SHA1

      dff81464fc47e77342e39303281cd00e6481781e

    • SHA256

      859c0bab53b455eab1ad7eac3b903f51005f1070a8e02eea655617f3554d2266

    • SHA512

      50d7ecae469955a93bd7ba6f22ed5263faa60f6eb4b6a4add877ae36e452d8884a8fb26267890f5118894c9400f9a510ccaa09949a0e6ebce8a528b65f34023e

    • SSDEEP

      3072:MQEX2aCZcj/0mxaXvsmSp7pATEbvyQLozLaqoYD:MhKZ6/0mxaXvsmSp7pATEbvy3zLaqo

    Score
    1/10
    behavioral1behavioral2

    • Target

      a/R3nzSkin.dll

    • Size

      591KB

    • MD5

      bdd7fdfacac46f6e549aa3aa4681030c

    • SHA1

      427c35c091915074873272e3dbd8d8dc67802b0d

    • SHA256

      ce16f52fb754f56fd3ecb8772227c616ca56605334a52216fc29b44684bb96d3

    • SHA512

      e99665c64cc599ffd0284197ea271109b8d6c3c7c5b9c0123b458e55caa975fbfe4aa40ac51f03d90844c3a1d54b554e5410f4db1df38f19682918dd5967cc03

    • SSDEEP

      12288:D9oxYle32icRbxd4B5SLwoBFyM642t71w/3dMB:Dq+le3bKVd2STBFyp42Xw/3

    Score
    5/10

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral3behavioral4

MITRE ATT&CK Matrix

Tasks