General

  • Target

    Downloads.rar

  • Size

    2.1MB

  • Sample

    250114-smjcts1ngt

  • MD5

    ebdad88cbaa5a9c9e8172587aef72009

  • SHA1

    c9ca89ba2b795d6e78d0eaa8e7c98011598f46e4

  • SHA256

    fc29efbe71662184fabdd325fb81def32198ac9a82c7987e6a3f37f5e4e9167c

  • SHA512

    1fe9f77c6ff7e4aef97760bbe3226eade2478f99a432d9675f77bd963bf45970ffdd08eca9cef458de6fabebb948ae211613becd80042d18b94844a9771229f8

  • SSDEEP

    49152:+qBgM/K0Tapi4BWFu3dflKcVJ1bsRvWk8SgbtnIfw+rGeKIa:+qS2BTf4BWFu3hI4sRvgIlY

Score
7/10

Targets

    • Target

      Downloads.rar

    • Executes dropped EXE

    • Loads dropped DLL

    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

    • Legitimate hosting services abused for malware hosting/C2
