Overview

overview

7

Static

static

1

Consumer_p_.exe

windows7-x64

7

Consumer_p_.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Consumer_p_.exe

  • Size

    31.9MB

  • Sample

    230319-hd4masfc69

  • MD5

    f077fe80c3a20870c75c3eb8464eb360

  • SHA1

    3c212a8ec8b7c8b3e69340b69d2ac4e690ec4a6c

  • SHA256

    02cc6945c8a524424cf8f399905e53ca88f505c54ed425a92a1e95b2d31b2d9d

  • SHA512

    e1f4e97d26dd19b465e62cea2aebf58ca0857aa8575e288665838e0073905001972614af9bb9518a5d2823a7dd6d16d4ed626c7c1266eaf347c9b8ce43cfc0ae

  • SSDEEP

    786432:7LIPpTfGiQlJe01j3m3q2YA72qP/gqyT0s5:70PNfG5lJemjW3GA7xnu

Score
7/10
agilenet

Malware Config

Targets

    • Target

      Consumer_p_.exe

    • Size

      31.9MB

    • MD5

      f077fe80c3a20870c75c3eb8464eb360

    • SHA1

      3c212a8ec8b7c8b3e69340b69d2ac4e690ec4a6c

    • SHA256

      02cc6945c8a524424cf8f399905e53ca88f505c54ed425a92a1e95b2d31b2d9d

    • SHA512

      e1f4e97d26dd19b465e62cea2aebf58ca0857aa8575e288665838e0073905001972614af9bb9518a5d2823a7dd6d16d4ed626c7c1266eaf347c9b8ce43cfc0ae

    • SSDEEP

      786432:7LIPpTfGiQlJe01j3m3q2YA72qP/gqyT0s5:70PNfG5lJemjW3GA7xnu

    Score
    7/10
    agilenet

    • Loads dropped DLL

    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

      agilenet

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks