General

  • Target

    Rapihuyet.exe

  • Size

    7.3MB

  • Sample

    240907-cz55cs1cqa

  • MD5

    dd2bcc0383926ea822c841a2f8c0bf9f

  • SHA1

    e04373bdbd49f223ca52b4db4926337cd3a0eff9

  • SHA256

    5971e773c29143d5c6c5a3af21f5d2b50c0c592b5780d62f60aea54acabfc6c8

  • SHA512

    8739fc04fe2afac4709a30be14caa356a32329214514080ee339c39323c10d727a52b39f343463aebabcb9f7ec98a97e2f5a5b7860f4c3852ee0a03cb38b13c8

  • SSDEEP

    196608:VaM0if0/Yn4TuHXevE5BNWKOleB4iP6U0vCYR/z:L0if0y4TU3BNWblA76tz

Score
7/10

Targets

    • Loads dropped DLL

    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
