General

  • Target

    249001c94ea22f689216163b14495331

  • Size

    756KB

  • Sample

    231231-cz79qafgfm

  • MD5

    249001c94ea22f689216163b14495331

  • SHA1

    fa0c6765808a7b509c318f6ff5d0565aa0f14697

  • SHA256

    75d07db3a14fe61caf208aa57cbce91f01e62b20a2ce022f3473d767a60a31ef

  • SHA512

    62a48209366dbbde51c00f34f5692d6c1c88305635fc29bd5105ba5ca2a7f67f0db0aac85893b76c5f44e4e9f7a1c6b9999a015d894848d575ecaed31ea82a11

  • SSDEEP

    12288:bleCOaSJ4nNP2P6ISuNCEDORuCn4Wr2P6ISuNHL:bl+YNkp3N/DORrfIp3N

Score
7/10

Malware Config

Targets

    • Target

      249001c94ea22f689216163b14495331

    • Size

      756KB

    • MD5

      249001c94ea22f689216163b14495331

    • SHA1

      fa0c6765808a7b509c318f6ff5d0565aa0f14697

    • SHA256

      75d07db3a14fe61caf208aa57cbce91f01e62b20a2ce022f3473d767a60a31ef

    • SHA512

      62a48209366dbbde51c00f34f5692d6c1c88305635fc29bd5105ba5ca2a7f67f0db0aac85893b76c5f44e4e9f7a1c6b9999a015d894848d575ecaed31ea82a11

    • SSDEEP

      12288:bleCOaSJ4nNP2P6ISuNCEDORuCn4Wr2P6ISuNHL:bl+YNkp3N/DORrfIp3N

    Score
    7/10
    • Executes dropped EXE

    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks