General
-
Target
Desktop.rar
-
Size
2.1MB
-
Sample
250114-q9152szle1
-
MD5
08c22648fa1ff4abfefa226993423a40
-
SHA1
406a9649ea645a645e992a6c6276fdb3d4c441d9
-
SHA256
377a611591daabe9213a0f478f312f3e9889e12ffa8afcf1a30cabb0e6799e5d
-
SHA512
74bc3a254956353617d11887cad7fdd5755329fc3009fd245ea0263756dc3733ed39707fceb2bfafde948c977a5d33473a9aced5712a80f5b0e96255e12dce45
-
SSDEEP
49152:XExA5BjA/JLUA0eLgUKBUsY6WuHpnZaLC8s2oxCET:XEq5BjAivMKKsY6x+Ce/ET
Malware Config
Targets
-
-
Target
Desktop.rar
-
Size
2.1MB
-
MD5
08c22648fa1ff4abfefa226993423a40
-
SHA1
406a9649ea645a645e992a6c6276fdb3d4c441d9
-
SHA256
377a611591daabe9213a0f478f312f3e9889e12ffa8afcf1a30cabb0e6799e5d
-
SHA512
74bc3a254956353617d11887cad7fdd5755329fc3009fd245ea0263756dc3733ed39707fceb2bfafde948c977a5d33473a9aced5712a80f5b0e96255e12dce45
-
SSDEEP
49152:XExA5BjA/JLUA0eLgUKBUsY6WuHpnZaLC8s2oxCET:XEq5BjAivMKKsY6x+Ce/ET
-
.NET Reactor proctector
Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
-
Executes dropped EXE
-
Loads dropped DLL
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-