General
-
Target
c89f0d0445d2586ac1a31fb9d02b84f0
-
Size
600KB
-
Sample
231228-gerhpaacer
-
MD5
c89f0d0445d2586ac1a31fb9d02b84f0
-
SHA1
330f9385af16397a98d07d758e3cec085fde0eeb
-
SHA256
40742669ca97738f2584afe908f228c7a90f97604f898debddfd984c7b236898
-
SHA512
b41d703e3a81a0918d8d0516b19960e61779c8d4802382b0efe6ba71731b285026089d60c91f39ab450a00a0cef1da022429063498f4d067ca3becc432ad5ade
-
SSDEEP
12288:6g0nOg8PHzZrgAq6Qb+ITgBY4z5ZmPQZuV7fGAlnSv8uBy:6g0nOJLep6Qb3TgBvsPKCzn4HBy
Static task
static1
Behavioral task
behavioral1
Sample
c89f0d0445d2586ac1a31fb9d02b84f0.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
c89f0d0445d2586ac1a31fb9d02b84f0.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
c89f0d0445d2586ac1a31fb9d02b84f0
Score
7/10
-
Loads dropped DLL
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-