General
-
Target
nameware_Loader.zip
-
Size
982KB
-
Sample
240225-yn1ldsah48
-
MD5
814fdda4d8c46c9ecf3d68635e5bb19f
-
SHA1
860edd2bb74acf119bc73c37e24c84c1c5772b33
-
SHA256
2073301d56a8cc5c478408fb2e73079b0b04a169d8686384f68cde3869ea3455
-
SHA512
104bf34f8fdc80d82d435542cad77a27d135fe1842e6062788525ff1adf51ac78699c51bca690880a21a7179ae13fc78ccbe1a14668ae86c679625814aa59715
-
SSDEEP
24576:ypJrJefjquTWJmLSmz0AqXPnuTwJH43BN0u0PEW7VDMl:yvejqKSmYuch433SEW7K
Behavioral task
behavioral1
Sample
NameWare/NameWare.exe
Resource
win10v2004-20240221-en
Malware Config
Targets
-
-
Target
NameWare/NameWare.exe
-
Size
568KB
-
MD5
7508e7d065e39557a0bda2f3cf59763a
-
SHA1
bccee0fe87115a28b6d445110734d650d7a8efc5
-
SHA256
2903ae1b9c32b24f009fe3d1a1fdc445c911c0fd766eb883b9cb551842e33797
-
SHA512
cf458d89d9c828b8b3238adbfd3f0eebe221f80e70c541687bb4320d5c43349ce9ce91f061e8edde216fbe12b79b5ca2fee1b822c01ef2df802b97fe1b92438c
-
SSDEEP
3072:EOI4HClikr/xK8Y1BFXLzrn7CK2BFXLzrn7CKoT+Ah8UCnI5FGLvXQy:W4jXFHT7CKyFHT7CKogUcs
Score7/10-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Legitimate hosting services abused for malware hosting/C2
-