Overview

overview

8

Static

static

3

Hi/Mapper.exe

windows11-21h2-x64

8

Hi/owo.exe

windows11-21h2-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Hi.rar

  • Size

    17.9MB

  • Sample

    240803-eee4jsxbma

  • MD5

    92c31e48d8a7edbd4e0aff8859204ca7

  • SHA1

    80ef2b359c967be1b994a7dd160f0e896e0de81a

  • SHA256

    2076b4163b6093444d19190c53e7ff3a931778e8dcd8b759d94d7f2cf8faecab

  • SHA512

    d9a0d56aa9d5978be45402379db03a024f3b1d1e2d76661bcebbaaa8cf96e3a9f82ce547338a7f746a94112caa67b12034f7b8f1bd0180c1dc3070359e4617c5

  • SSDEEP

    393216:mXsx23dO79GxYYLf2QnCN0QJL54V/UWRg/J:mXN3g7gxYs2QSPJ4G

Score
8/10
persistence

Malware Config

Targets

    • Target

      Hi/Mapper.exe

    • Size

      90KB

    • MD5

      16f11262ba1de7353ffa5760aa7afb61

    • SHA1

      776bfc94834af61c9103119b8b663a7e35549eb5

    • SHA256

      a1be2f49ffcb3ba2b87263a2cb76e1c376e7cedaebee8ad9995e98f16243cb69

    • SHA512

      f55fc268172af49e2def51f000964935baaeb6bc3c149f056ac4e25b47a0662e63016068f06e4e18b1f9d5f044b6c510631f507f789e7f99ce7a0e435645fd0d

    • SSDEEP

      1536:oUKG/o39iH05Za7H7N73kO2ZiMoaDDC682jeMHABuMd:oUK539K05A7Nyh182QkM

    Score
    8/10
    persistence
    behavioral1

    • Target

      Hi/owo.exe

    • Size

      20.7MB

    • MD5

      d460573ca306c2990e363a1331de43a7

    • SHA1

      d5556260fd9d769ccaea46d329589ab87e778c3f

    • SHA256

      793c43fdd0ad1d22f564d110c84c08f41d968065e6162327b134a0226b802213

    • SHA512

      6249630df6fbd87a583f110a37815c4590e45692244046c11fdbe6bfd2cfc5f28adc11ac55bef5a2ebb290835f4dd36b5e164c2a6178cefe57002276879593a8

    • SSDEEP

      393216:TG+fJMUecs6bQDTt5ibbJIcpXcJHieKCRdjKIIZHu9jr+ifhSQ:ps7+QDCbSoXcDKs2IIwttfhd

    Score
    5/10

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral2

MITRE ATT&CK Enterprise v15

Tasks