General

  • Target: 30052024_1419_28052024_JUSTI TRANF IVECO 28-05-pdf.tar
  • Size: 746KB
  • Sample: 240530-rm7jzsce48
  • MD5: 63eaaf464ead04c71f13ac6e398f1d2c
  • SHA1: a47bfbedab759679ea47a1a3ed24b84dcf090e26
  • SHA256: 9e76c6085cfa58f7e4f20a5b2c67d7fb01c805951f937f81133d5ef5bef8589c
  • SHA512: 1e5a66919a6f5f91cbfa309d2184f51ff288d5e0affbe57746fe5c760584e2925188476b2ea1ccb5862e1820a7649b4afca97d2b86f62bb3b484f1cc66898542
  • SSDEEP: 12288:RDDMfZUar2EYYPG0U0A6TxjiG6NbZU7WURBh:dARCUPG09vTxjZ6pZUtRBh

Score
7/10

Malware Config

Targets

    • Target: Omstningsudviklingers.exe
    • Size: 744KB
    • MD5: c0bc933adf17e3ed27f0d44f2ad0f529
    • SHA1: 0b1557ee8098762d744bff018c285d1f912642f4
    • SHA256: 98dd3245e6b2d823f036b8ba6c852ee3bc744e53e329054e6569a4710290e2c9
    • SHA512: 906bbeccbde2e0583985d569097e4716b945bd303d582c2d80332d3c60677efa979c081ec9b63d825703abdda72ce0e350aadde50567e5cd8f5712355b1cc9c6
    • SSDEEP: 12288:aDDMfZUar2EYYPG0U0A6TxjiG6NbZU7WURBhV:KARCUPG09vTxjZ6pZUtRBhV

    Score
    7/10
    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Drops file in System32 directory

    • Suspicious use of NtCreateThreadExHideFromDebugger

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    • Target: $PLUGINSDIR/System.dll
    • Size: 12KB
    • MD5: 6c38da8922cc37b4bbb77de4a63ad843
    • SHA1: 4e0533fd11df8bddbd543ed58df7b6060d9f4631
    • SHA256: 1624d9ad8b2e2658af224691263f64388ba3a997efe80011889e3c35237ce4c1
    • SHA512: ad0be3d7e57da9c304e9b9cac5341b6c76b157456ab44f5579d6c38c830a31c9c3e1e9a875b8f465243c607ea2ede6b0bb77237f17a70a4d4c78606e036c3430
    • SSDEEP: 192:wA1YOTDExj7EFrYCT4E8y3hoSdtTgwF43E7QbGPXI9uIc6gn9Mw:QR7SrtTv53tdtTgwF4SQbGPX36g9Mw

    Score
    3/10
    • Target: $PLUGINSDIR/nsExec.dll
    • Size: 7KB
    • MD5: 052099395689171cf64bf4a868e6a9be
    • SHA1: 9581e80b223226eee5f726f38b3e966fdc5bbfad
    • SHA256: 99fc8f647bfff3655dcd4ec577d79ec4102fb3a68b567282ba0b51e0b5262802
    • SHA512: f45e38314e10129d3cceaefa918b25a432c67db8bf73f110a6957ca7f5cc96db749601fed550e0357bf67c84de2721d9692b8785c295fc7a1537b42c68b461a9
    • SSDEEP: 96:rVl/7KOuFlKHMpXGu8FX6eT3sQk1u2QmIGjbAQvL7hDAbUlV:rVl+hSs2u85TTHkZQmbbLL7hDMo

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks