Overview

overview

7

Static

static

1

Fatalservices.rar

windows7-x64

7

Fatalservices.rar

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Fatalservices.rar

  • Size

    2.8MB

  • Sample

    240603-awtaaaea38

  • MD5

    ddebc77ef72c95f07d3dc0f0018e1c8e

  • SHA1

    4ab642a7d73885f5702c1a10dfb20bf00c41c683

  • SHA256

    c7c9658716d69b50009eb23459c62fa6305a1102f01e197a04cc82fba333290a

  • SHA512

    92b97782d7dd45cbaa392bbcba97fde3370597d910fb2ac39feccaaa2e85db65c5118b9bc8c82d78b0944213565150491b708c7d4da4769a25af59d880d3bcd8

  • SSDEEP

    49152:eYO6W/JsA0rUfVcFV3X5XB7JaGu2fkNyEoqSvJfQm4SG6qakPlQ39CvNZEFWjYPu:eYO6W/JH8UOFV3pBIX2fkQEeNQQG3Pms

Score
7/10
agilenet

Malware Config

Targets

    • Target

      Fatalservices.rar

    • Size

      2.8MB

    • MD5

      ddebc77ef72c95f07d3dc0f0018e1c8e

    • SHA1

      4ab642a7d73885f5702c1a10dfb20bf00c41c683

    • SHA256

      c7c9658716d69b50009eb23459c62fa6305a1102f01e197a04cc82fba333290a

    • SHA512

      92b97782d7dd45cbaa392bbcba97fde3370597d910fb2ac39feccaaa2e85db65c5118b9bc8c82d78b0944213565150491b708c7d4da4769a25af59d880d3bcd8

    • SSDEEP

      49152:eYO6W/JsA0rUfVcFV3X5XB7JaGu2fkNyEoqSvJfQm4SG6qakPlQ39CvNZEFWjYPu:eYO6W/JH8UOFV3pBIX2fkQEeNQQG3Pms

    Score
    7/10
    agilenet

    • Executes dropped EXE

    • Loads dropped DLL

    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

      agilenet

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

2
T1082

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks