General

  • Target

    ElSaifyApp.exe

  • Size

    21.3MB

  • Sample

    240826-swtvxssdpj

  • MD5

    4b8032177a2ab575523c123abbeebaf4

  • SHA1

    95dc70c0ca6707fc307357f5e94b320b6e709d4a

  • SHA256

    8ebdc838216071b6a38d0ac5b8e2b3bd827aed38d935850e29b2ecd3e242e5bd

  • SHA512

    84769a2f577ed5659b1a54e8a631713842dfbfeb8a4e0d6d1917d9c3b592abfae3a92c4c2c5536389cffe9fa4c29d1dd94914db75566ada1a0e6729ffdec2f25

  • SSDEEP

    393216:BNVxIfuPmfJ31Xx5qhDhevwnt1wiekhg7H/B+B17lSTU2ykfK:BJcuPW1Be1eICbkO7fAB1RSTUYC

Score
7/10

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks