General
-
Target
Downloads.rar
-
Size
2.1MB
-
Sample
250114-smjcts1ngt
-
MD5
ebdad88cbaa5a9c9e8172587aef72009
-
SHA1
c9ca89ba2b795d6e78d0eaa8e7c98011598f46e4
-
SHA256
fc29efbe71662184fabdd325fb81def32198ac9a82c7987e6a3f37f5e4e9167c
-
SHA512
1fe9f77c6ff7e4aef97760bbe3226eade2478f99a432d9675f77bd963bf45970ffdd08eca9cef458de6fabebb948ae211613becd80042d18b94844a9771229f8
-
SSDEEP
49152:+qBgM/K0Tapi4BWFu3dflKcVJ1bsRvWk8SgbtnIfw+rGeKIa:+qS2BTf4BWFu3hI4sRvgIlY
Malware Config
Targets
-
Target
Downloads.rar
-
Size
2.1MB
-
Executes dropped EXE
-
Loads dropped DLL
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Legitimate hosting services abused for malware hosting/C2
-