General

  • Target

    c89f0d0445d2586ac1a31fb9d02b84f0

  • Size

    600KB

  • Sample

    231228-gerhpaacer

  • MD5

    c89f0d0445d2586ac1a31fb9d02b84f0

  • SHA1

    330f9385af16397a98d07d758e3cec085fde0eeb

  • SHA256

    40742669ca97738f2584afe908f228c7a90f97604f898debddfd984c7b236898

  • SHA512

    b41d703e3a81a0918d8d0516b19960e61779c8d4802382b0efe6ba71731b285026089d60c91f39ab450a00a0cef1da022429063498f4d067ca3becc432ad5ade

  • SSDEEP

    12288:6g0nOg8PHzZrgAq6Qb+ITgBY4z5ZmPQZuV7fGAlnSv8uBy:6g0nOJLep6Qb3TgBvsPKCzn4HBy

Score
7/10

Targets

    Score
    7/10
    • Loads dropped DLL

    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
