General
-
Target
Rapihuyet.exe
-
Size
7.3MB
-
Sample
240907-cz55cs1cqa
-
MD5
dd2bcc0383926ea822c841a2f8c0bf9f
-
SHA1
e04373bdbd49f223ca52b4db4926337cd3a0eff9
-
SHA256
5971e773c29143d5c6c5a3af21f5d2b50c0c592b5780d62f60aea54acabfc6c8
-
SHA512
8739fc04fe2afac4709a30be14caa356a32329214514080ee339c39323c10d727a52b39f343463aebabcb9f7ec98a97e2f5a5b7860f4c3852ee0a03cb38b13c8
-
SSDEEP
196608:VaM0if0/Yn4TuHXevE5BNWKOleB4iP6U0vCYR/z:L0if0y4TU3BNWblA76tz
Static task
static1
Behavioral task
behavioral1
Sample
Rapihuyet.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
Rapihuyet.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
Rapihuyet.exe
Score
7/10
-
Loads dropped DLL
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-