General
-
Target
Desktop.rar
-
Size
6.5MB
-
Sample
250114-tknefavkbk
-
MD5
c73e6f597e7a13d6bf3f0bceaf2b10d5
-
SHA1
55122dac0c46dd04552bc52b8b22aa793dc92223
-
SHA256
1b4cd820aeea1e2c3cf9da942cf5bee0cedaa61e7b46732567825fff7b40e0f1
-
SHA512
06f8f35b3024823e190bdf6b064df0311508b203a170e0829f1ee9157f8696799d4a15999a0d8aa6abc20855de83880000f0393fbdc760e003993c8e80abdec5
-
SSDEEP
98304:CEq5BjAivMKKsY6x+Ce/E8qS242FGBcjPRuW6mk+kJJtdWWtrYUfr+fKxFsRvgI4:ClMKKsNGZT2FGBMPa+0JXYUjyzplm
Malware Config
Targets
-
-
Target
Desktop.rar
-
Size
6.5MB
-
MD5
c73e6f597e7a13d6bf3f0bceaf2b10d5
-
SHA1
55122dac0c46dd04552bc52b8b22aa793dc92223
-
SHA256
1b4cd820aeea1e2c3cf9da942cf5bee0cedaa61e7b46732567825fff7b40e0f1
-
SHA512
06f8f35b3024823e190bdf6b064df0311508b203a170e0829f1ee9157f8696799d4a15999a0d8aa6abc20855de83880000f0393fbdc760e003993c8e80abdec5
-
SSDEEP
98304:CEq5BjAivMKKsY6x+Ce/E8qS242FGBcjPRuW6mk+kJJtdWWtrYUfr+fKxFsRvgI4:ClMKKsNGZT2FGBMPa+0JXYUjyzplm
-
.NET Reactor proctector
Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
-
Executes dropped EXE
-
Loads dropped DLL
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-