be0795cc43ff0620c45d01e4dbea180d713d96c44c21497ce846b7fda5bd0b8e | Triage

Submit
Reports

Overview

overview

7

Static

static

1

iRemoval PRO.exe

windows7-x64

7

iRemoval PRO.exe

windows10-2004-x64

1

Sharing

General

Target

iRemoval PRO.exe
Size

2.2MB
Sample

230403-wdbheaaa3t
MD5

8637fa53f344917dc0989febdf844937
SHA1

eb3375df48cd953f1af70ba9a24a24ae79b66f40
SHA256

be0795cc43ff0620c45d01e4dbea180d713d96c44c21497ce846b7fda5bd0b8e
SHA512

4277adad9713962107200151cce92078e0cd9e312606ae0863c987760fb8247442e5495750f4e234ce8ecc76edf2e3c82a5296a3a45715f583df9d908498e7c9
SSDEEP

49152:vspwgx3iizEZqq0Rsq5mc2g3CVNPynnJR0rXMN0YHizaAhXf:vzM3ihZqqYx5mc2gSVpynJRcaxiza6Xf

Score

7^/10

agilenet

Static task

static1

Behavioral task

behavioral1

Sample

iRemoval PRO.exe

Resource

win7-20230220-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

iRemoval PRO.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  iRemoval PRO.exe
- Size
  
  2.2MB
- MD5
  
  8637fa53f344917dc0989febdf844937
- SHA1
  
  eb3375df48cd953f1af70ba9a24a24ae79b66f40
- SHA256
  
  be0795cc43ff0620c45d01e4dbea180d713d96c44c21497ce846b7fda5bd0b8e
- SHA512
  
  4277adad9713962107200151cce92078e0cd9e312606ae0863c987760fb8247442e5495750f4e234ce8ecc76edf2e3c82a5296a3a45715f583df9d908498e7c9
- SSDEEP
  
  49152:vspwgx3iizEZqq0Rsq5mc2g3CVNPynnJR0rXMN0YHizaAhXf:vzM3ihZqqYx5mc2gSVpynJRcaxiza6Xf
Score

7^/10

agilenet
- Obfuscated with Agile.Net obfuscator
  Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
  agilenet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy