General

  • Target

    5b20cf48687c33dc888aa67da1df5a20N.exe

  • Size

    7.3MB

  • Sample

    240907-gj2t8axgrr

  • MD5

    5b20cf48687c33dc888aa67da1df5a20

  • SHA1

    61e61e536edd116ce9180b9f30165d845d2617c4

  • SHA256

    7be9a2dad36040ecde725874355dbe9995eda21ad63c94e06ce850703d2c2912

  • SHA512

    53126e66a0b28e3233408e48a65ae0431cf8bed1b44bd53d2cdc8cb09d48dd26b170e3bec518632adf67603db5f89ce4cf766eec87a70f54d2c539b25d215bc4

  • SSDEEP

    196608:/2pNZ3mBlUGYbBWkaqOLXGygtVfE99vl+vtLQNum+oow9RIn:/2j1mBlCVIq6XAtZE/l+xQNu7oogqn

Score
7/10

Targets

    Score
    7/10
    • Loads dropped DLL

    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
