General

  • Target

    Desktop.rar

  • Size

    2.1MB

  • Sample

    250114-q9152szle1

  • MD5

    08c22648fa1ff4abfefa226993423a40

  • SHA1

    406a9649ea645a645e992a6c6276fdb3d4c441d9

  • SHA256

    377a611591daabe9213a0f478f312f3e9889e12ffa8afcf1a30cabb0e6799e5d

  • SHA512

    74bc3a254956353617d11887cad7fdd5755329fc3009fd245ea0263756dc3733ed39707fceb2bfafde948c977a5d33473a9aced5712a80f5b0e96255e12dce45

  • SSDEEP

    49152:XExA5BjA/JLUA0eLgUKBUsY6WuHpnZaLC8s2oxCET:XEq5BjAivMKKsY6x+Ce/ET

Score
7/10

Malware Config

Targets

    • .NET Reactor protector

      Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

    • Executes dropped EXE

    • Loads dropped DLL

    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
