General
-
Target
Echo Mirage.7z
-
Size
9.5MB
-
Sample
240428-am58gsca8y
-
MD5
5da7ca6f6f3c3ee8dd1d86f174d1f557
-
SHA1
3c724b5752f7d8fa0852e91fe656c72c24b3a83a
-
SHA256
c755e54f2688d8786a2e3770977674421e9346183997618dbb9795d4aebc1117
-
SHA512
3062d94c7a07185fbb10baefd2ef831c1ce1543f2e01116c74b7ca040bc2625c7ee48518d4f09c77345e892c2a9bb35c26e9e95ccfeeb97d738ff5302239ae14
-
SSDEEP
196608:Qke4SKN+njhTTcT0twzaXvt16TomFIZSWupLkyrIRXelLCqzncjQ:NecNU5ThtLvgJFYqpLkyrxlLC8cE
Static task
static1
Behavioral task
behavioral1
Sample
Echo Mirage.7z
Resource
win10v2004-20240419-en
Malware Config
Targets
-
-
Target
Echo Mirage.7z
-
Size
9.5MB
-
MD5
5da7ca6f6f3c3ee8dd1d86f174d1f557
-
SHA1
3c724b5752f7d8fa0852e91fe656c72c24b3a83a
-
SHA256
c755e54f2688d8786a2e3770977674421e9346183997618dbb9795d4aebc1117
-
SHA512
3062d94c7a07185fbb10baefd2ef831c1ce1543f2e01116c74b7ca040bc2625c7ee48518d4f09c77345e892c2a9bb35c26e9e95ccfeeb97d738ff5302239ae14
-
SSDEEP
196608:Qke4SKN+njhTTcT0twzaXvt16TomFIZSWupLkyrIRXelLCqzncjQ:NecNU5ThtLvgJFYqpLkyrxlLC8cE
Score7/10-
Executes dropped EXE
-
Loads dropped DLL
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-