Overview

overview

7

Static

static

7

NoDynMethods (2).exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NoDynMethods (2).exe

  • Size

    54KB

  • Sample

    230322-cc17wsec63

  • MD5

    af7271d99debc5bb06693e7b365a0ef5

  • SHA1

    2a46750b1f478db1cf3af2fb5bb2046233a33a65

  • SHA256

    358277139176aff0276849421fd6b8e4f076f8d14dc625e093545cc211c50f0e

  • SHA512

    85df1e617570d1c03dcc479d99bcb7e438f4ba0d07686a41d25ed1926855879a6a00264c96b31fe468b634669c80fb3f05304cf56664ca3867d4cc9a34fd191a

  • SSDEEP

    768:uEi/fJJ40sqd2U+Yu5LrlSGbY7cnLF/Xb/gygS4qGfdlWwzQQBH1mjH:y/fJJ47q5uRrlSGDpXb/gzmwzlZ0

Score
7/10
agilenet

Malware Config

Targets

    • Target

      NoDynMethods (2).exe

    • Size

      54KB

    • MD5

      af7271d99debc5bb06693e7b365a0ef5

    • SHA1

      2a46750b1f478db1cf3af2fb5bb2046233a33a65

    • SHA256

      358277139176aff0276849421fd6b8e4f076f8d14dc625e093545cc211c50f0e

    • SHA512

      85df1e617570d1c03dcc479d99bcb7e438f4ba0d07686a41d25ed1926855879a6a00264c96b31fe468b634669c80fb3f05304cf56664ca3867d4cc9a34fd191a

    • SSDEEP

      768:uEi/fJJ40sqd2U+Yu5LrlSGbY7cnLF/Xb/gygS4qGfdlWwzQQBH1mjH:y/fJJ47q5uRrlSGDpXb/gzmwzlZ0

    Score
    7/10
    agilenet

    • Loads dropped DLL

    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

      agilenet

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks