Resubmissions

21-05-2024 15:59

240521-tfcgdabb36 7

21-05-2024 15:51

240521-takwkaba8w 7

General

  • Target

    echo.7z

  • Size

    17.3MB

  • Sample

    240521-takwkaba8w

  • MD5

    e0499900323a2a13e715c79df240c8cc

  • SHA1

    aab068f2af116efa533c46e42424f16f3eef90b6

  • SHA256

    4b246be91cb37f662827dbfb616b3a0cea66c9ee8db0eeff3808bf057b2b4738

  • SHA512

    f3b2d599431082f4a0591888ba12ccbf9dd518da64004092ee8dbe8fbff75fadee119694b766dff8cfcebb722600b46b950134304ead0d05069ad588a82d0cfb

  • SSDEEP

    393216:URxIrNnI6f7uzW4RyQZecNoTyBNoQKwKhGM4/kOh3Kv:qI6qqzW4RyncN2wNRKoM4de

Score
7/10

Targets

    • Target

      echo.7z

    • Size

      17.3MB

    Score
    7/10
    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext
