General

  • Target

    tewst.rar

  • Size

    3.5MB

  • Sample

    250114-tqaqjasncs

  • MD5

    309b5b7dbc12f28c04eee3f23cb9480e

  • SHA1

    a5c0cf0ee273eb6352f6b338e200459709cab531

  • SHA256

    7af4fa367855b4eef4c233c59c6fd68a9ec82596958e14b707fc677e7ce42f45

  • SHA512

    0be7b0995dd23624cea13eceb18b961bc6ae530d4f65220f94af8e08018b45404085d1e1bff4bf64d51b2304d34ffe4aa93d0496e4b47815f21895bbaf8deffb

  • SSDEEP

    98304:wEq5BjAivbsRvgKKsY6x+Ce/Ez2FGBcjPRR:wlgyKKsNV2FGBMPL

Score
7/10

Malware Config

Targets

    • .NET Reactor protector

      Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

    • Executes dropped EXE

    • Loads dropped DLL

    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
