General

  • Target

    Downloads.rar

  • Size

    5.0MB

  • Sample

    240609-jk35sage57

  • MD5

    9e55cc5d7715cf4e5881782c14bbfc0f

  • SHA1

    08e9706c6f5b13bb1cc3fd594c8a332b4aca5efb

  • SHA256

    5f91207605862cbb40137f40a8a2ffde52c4f448bd16d64cdbe4985778b7e405

  • SHA512

    bc884bbab5437f7ffee95b2106ecb22a7499cc312de56371d0b091d6c1738bc4e357357482fd968812d080c53a3230d246425c76ec1ee34d6cf358ec4380b5ff

  • SSDEEP

    98304:TWzkjQQIsRYxL181B0yi5j6YoLtByGMnhCCvN/kWGuYqTmw9j:TakFREqBo5j6YoLtM1CCvNsWRYqph

Score
8/10

Targets

    • Target

      balls.exe

    • Size

      5.1MB

    • MD5

      08962d53376091e3387b4ffac36d8cc8

    • SHA1

      39768af1242a332c3d79450feae9fecc768dbc34

    • SHA256

      3b86527b1f49d776b9ec0d2ab87be2bd23069c5c4ada6c2fb46abf62f42262a4

    • SHA512

      5830e607d304a07ec8b73b31ced43355e6a6d434292f6551a3fcf73d190ff4126696ad08ea6b513e6e55a5265ed3271da61c5c805e25e7373d1f8da59799c2e8

    • SSDEEP

      98304:tvFCHoiGfuHyJE/VFuePSLCg8hvl8Uv5NyI7LXE/QTtLWRvnSk+utYJowTItilSj:t0IiGCVFuePSLCgCvlvNyqm6tyZdYJo1

    Score
    8/10
    • Stops running service(s)

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Target

      x96dbg.exe

    • Size

      157KB

    • MD5

      a4bc87a710ce348b15ff35a273ffdd9f

    • SHA1

      f63a756959382ec29a770c61cc3ee62739238929

    • SHA256

      45faa1035ef2dde47be2b728dd9cd8b2181c55331528886b8d17202446831242

    • SHA512

      40b45b6fa04abe60d30e295b7d78b7dd54b32d4110b902f26391a4e665989732928cba6fc044201ad2c67f8bd95a489d430e34e92ddfa89a0e31f4b398e60da0

    • SSDEEP

      3072:UCa3YjMaTeH+87s/jxH7vrsIo4iFkThDEk22aX:Kc5EkZTr1iaDt2FX

    Score
    3/10
