General

  • Target

    InfectedStealer.exe

  • Size

    4.3MB

  • Sample

    241221-gelx7stqgy

  • MD5

    3af4ffcfa2426836921b002f88c01b26

  • SHA1

    9597bd7e519ef238c72416bd4d4945dc6fa1e05b

  • SHA256

    d468d59ea330e48277fa1dd62eccb8d05b324eacb78b8bd1e54df0c9fb83d8f9

  • SHA512

    6ebccd91ef6af4ff8b896a45a3c16aa28a8e8fb737a598e856441b6c9e59f8c6aa4af05d3abea279566b8a1196d1f05cac25661b78f3c50cde981790c8bf0a29

  • SSDEEP

    98304:PkjozJ9/im8XVBKl6tmJVPS47x/EaR5zNNHtFWIT4bNJFY3OqttIFe:XzJpjS346tmJ1xsG53tFWjBHYdIw

Score
7/10

Malware Config

Targets

    • Target

      InfectedStealer.exe

    • Size

      4.3MB

    • MD5

      3af4ffcfa2426836921b002f88c01b26

    • SHA1

      9597bd7e519ef238c72416bd4d4945dc6fa1e05b

    • SHA256

      d468d59ea330e48277fa1dd62eccb8d05b324eacb78b8bd1e54df0c9fb83d8f9

    • SHA512

      6ebccd91ef6af4ff8b896a45a3c16aa28a8e8fb737a598e856441b6c9e59f8c6aa4af05d3abea279566b8a1196d1f05cac25661b78f3c50cde981790c8bf0a29

    • SSDEEP

      98304:PkjozJ9/im8XVBKl6tmJVPS47x/EaR5zNNHtFWIT4bNJFY3OqttIFe:XzJpjS346tmJ1xsG53tFWjBHYdIw

    Score
    7/10
    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks