General

  • Target

    Token Manger - Zardex.exe

  • Size

    13.2MB

  • Sample

    240521-sbj5zshg47

  • MD5

    f90d58a498d5d5e42281a32284c805ce

  • SHA1

    61b43552c45a4d46143e1e024074514b47ba92d3

  • SHA256

    daf78cc7d4f4840c7f4664753971ae041f22b6ba890577df53a98082597fd11b

  • SHA512

    6b850bd93f00cab83aa25f785911c7ca4a4fff56f897e7f748dc884e582ea433424fa13be90bd3bfdd0180603b56356e77359db43015f50124ae4bb3466e41dc

  • SSDEEP

    393216:UiIE7Yo5EXMvInEroXF14S2kJSpUhzHfCwQnHj/YwZatC89W7l88m:t7rG8AErU8JC9/JqrYEap9Wy8

Score
7/10

Malware Config

Targets

    • Target

      Token Manger - Zardex.exe

    • Size

      13.2MB

    • MD5

      f90d58a498d5d5e42281a32284c805ce

    • SHA1

      61b43552c45a4d46143e1e024074514b47ba92d3

    • SHA256

      daf78cc7d4f4840c7f4664753971ae041f22b6ba890577df53a98082597fd11b

    • SHA512

      6b850bd93f00cab83aa25f785911c7ca4a4fff56f897e7f748dc884e582ea433424fa13be90bd3bfdd0180603b56356e77359db43015f50124ae4bb3466e41dc

    • SSDEEP

      393216:UiIE7Yo5EXMvInEroXF14S2kJSpUhzHfCwQnHj/YwZatC89W7l88m:t7rG8AErU8JC9/JqrYEap9Wy8

    Score
    7/10
    • Loads dropped DLL

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Target

      main.pyc

    • Size

      20KB

    • MD5

      53129ce109a2c31413dba0d794fa86a0

    • SHA1

      bcf3ed2656a422177aa4adecc9c6e5f8dfcc662d

    • SHA256

      058d14e494ea2fde3387587cd5d044f2ed896b88761baf58ff984845229337d7

    • SHA512

      bc3af771bac33f28373c9f81b917bd04b13023f791b9ee1b7352c35871f7859306522b795a9a8bfe80a41a482bdab245a6ed6157612f866fa22451313fa8216c

    • SSDEEP

      384:blv/90Lh6ZYYEuxOG4RVQhd4K6+kiRWyySeE0I2NFHk4z5YCA9sq6b2UKfeiA:blv/RGKd4/WRpyhk4z2Cfb2rC

    Score
    3/10
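    The hashes above are the actionable part of this report. The following script, added here as a worked example and not part of the sandbox output, hashes a file (or an in-memory blob) with MD5/SHA1/SHA256/SHA512 and reports which of the listed targets it matches, so an analyst can triage a suspect file against these indicators offline. The IOC table is copied from the report; the `IOCS` dictionary name, the function names and the sample input are assumptions of this example.

```python
import hashlib
import sys
from pathlib import Path

# Indicators copied from the report above, keyed by target name.
IOCS = {
    "Token Manger - Zardex.exe": {
        "md5": "f90d58a498d5d5e42281a32284c805ce",
        "sha1": "61b43552c45a4d46143e1e024074514b47ba92d3",
        "sha256": "daf78cc7d4f4840c7f4664753971ae041f22b6ba890577df53a98082597fd11b",
        "sha512": "6b850bd93f00cab83aa25f785911c7ca4a4fff56f897e7f748dc884e582ea433"
                  "424fa13be90bd3bfdd0180603b56356e77359db43015f50124ae4bb3466e41dc",
    },
    "main.pyc": {
        "md5": "53129ce109a2c31413dba0d794fa86a0",
        "sha1": "bcf3ed2656a422177aa4adecc9c6e5f8dfcc662d",
        "sha256": "058d14e494ea2fde3387587cd5d044f2ed896b88761baf58ff984845229337d7",
        "sha512": "bc3af771bac33f28373c9f81b917bd04b13023f791b9ee1b7352c35871f78593"
                  "06522b795a9a8bfe80a41a482bdab245a6ed6157612f866fa22451313fa8216c",
    },
}

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def hash_bytes(data: bytes) -> dict:
    """Compute every algorithm in ALGORITHMS over an in-memory blob."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ALGORITHMS}


def hash_file(path: Path, chunk_size: int = 1 << 20) -> dict:
    """Stream a file through all hashers at once; avoids loading a 13 MB
    sample into memory and reads the file only once."""
    hashers = {alg: hashlib.new(alg) for alg in ALGORITHMS}
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {alg: h.hexdigest() for alg, h in hashers.items()}


def match_iocs(digests: dict, iocs: dict = IOCS) -> list:
    """Return (target, algorithm) pairs whose indicator equals the computed
    digest. Comparison is case-insensitive because reports and tools differ
    in hex casing. A hit on any single algorithm is reported; a partial set
    of hits (e.g. only MD5) should be treated as a collision warning, not a
    confirmed match."""
    hits = []
    for target, hashes in iocs.items():
        for alg, expected in hashes.items():
            computed = digests.get(alg)
            if computed is not None and computed.lower() == expected.lower():
                hits.append((target, alg))
    return hits


def scan_path(path) -> list:
    """Hash a file on disk and match it against the report's indicators."""
    return match_iocs(hash_file(Path(path)))


if __name__ == "__main__":
    # Usage: python check_iocs.py <file> [<file> ...]
    for arg in sys.argv[1:]:
        hits = scan_path(arg)
        status = "MATCH" if hits else "no match"
        print(f"{arg}: {status} {hits if hits else ''}")
```

    Because SHA256 and SHA512 are included, a file that matches only the MD5 or SHA1 entry should not be treated as the same sample.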

MITRE ATT&CK Enterprise v15

Tasks