General

  • Target

    NameWare.rar

  • Size

    888KB

  • Sample

    240225-yhd57sag33

  • MD5

    3e08464daa29bcce2dba7edfa9179d58

  • SHA1

    7a5a09e1dce9cb511b0004232e5c8c954c85292b

  • SHA256

    85f902aed64615ae8fc7d9abbbe536951e44c84c17ff03ce43d7b78c5b2449fa

  • SHA512

    d5e2c2344a361add6f5218bc74c91e77782081aa8884307f9e7450e05f54f4b9653995a1e1df16353035abb8348d1b235f83ed8c66e3cf837c2422730010d3b9

  • SSDEEP

    24576:/hvU7cnndinm64Ct/iUP0hYa63B1XYNNJtvLZ20FJ0U2bw:dU7cnnImiJNJR2JA0P0k

Score
7/10

Targets

    • Target

      NameWare/NameWare.exe

    • Size

      568KB

    • MD5

      7508e7d065e39557a0bda2f3cf59763a

    • SHA1

      bccee0fe87115a28b6d445110734d650d7a8efc5

    • SHA256

      2903ae1b9c32b24f009fe3d1a1fdc445c911c0fd766eb883b9cb551842e33797

    • SHA512

      cf458d89d9c828b8b3238adbfd3f0eebe221f80e70c541687bb4320d5c43349ce9ce91f061e8edde216fbe12b79b5ca2fee1b822c01ef2df802b97fe1b92438c

    • SSDEEP

      3072:EOI4HClikr/xK8Y1BFXLzrn7CK2BFXLzrn7CKoT+Ah8UCnI5FGLvXQy:W4jXFHT7CKyFHT7CKogUcs

    Score
    7/10
    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

    • Legitimate hosting services abused for malware hosting/C2
