General

  • Target

    nameware_Loader.zip

  • Size

    982KB

  • Sample

    240225-yn1ldsah48

  • MD5

    814fdda4d8c46c9ecf3d68635e5bb19f

  • SHA1

    860edd2bb74acf119bc73c37e24c84c1c5772b33

  • SHA256

    2073301d56a8cc5c478408fb2e73079b0b04a169d8686384f68cde3869ea3455

  • SHA512

    104bf34f8fdc80d82d435542cad77a27d135fe1842e6062788525ff1adf51ac78699c51bca690880a21a7179ae13fc78ccbe1a14668ae86c679625814aa59715

  • SSDEEP

    24576:ypJrJefjquTWJmLSmz0AqXPnuTwJH43BN0u0PEW7VDMl:yvejqKSmYuch433SEW7K

Score
7/10

Malware Config

Targets

    • Target

      NameWare/NameWare.exe

    • Size

      568KB

    • MD5

      7508e7d065e39557a0bda2f3cf59763a

    • SHA1

      bccee0fe87115a28b6d445110734d650d7a8efc5

    • SHA256

      2903ae1b9c32b24f009fe3d1a1fdc445c911c0fd766eb883b9cb551842e33797

    • SHA512

      cf458d89d9c828b8b3238adbfd3f0eebe221f80e70c541687bb4320d5c43349ce9ce91f061e8edde216fbe12b79b5ca2fee1b822c01ef2df802b97fe1b92438c

    • SSDEEP

      3072:EOI4HClikr/xK8Y1BFXLzrn7CK2BFXLzrn7CKoT+Ah8UCnI5FGLvXQy:W4jXFHT7CKyFHT7CKogUcs

    Score
    7/10
    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

    • Legitimate hosting services abused for malware hosting/C2
