General
-
Target
2068677510.exe
-
Size
7.5MB
-
Sample
240703-r1w1eatbka
-
MD5
cb394a6f354f693a9236583fa445395b
-
SHA1
2ed6ddc7ad28f50aee0ae7561e49fecf5d8c4f38
-
SHA256
f9a60282724ecb92336187d3c5aa3d2f8c3c7e3fd235e351268eb509f24246df
-
SHA512
4bf152e4418ed3492b0638fc22f64adbbe030ff9afe3a7aef4fd0e94e6949b4938d7f0b2b724eb7301facd5364dd2769130871f48c45c5b3d742a000e62311e9
-
SSDEEP
196608:0ds1VjAXZARCfxSqCeHUn4XCGXhpTD0NvKZGsKijlT:0sfsJffsje0n4yGXhm5KZpBT
Static task
static1
Behavioral task
behavioral1
Sample
2068677510.exe
Resource
win10-20240404-en
Malware Config
Targets
-
-
Target
2068677510.exe
-
Size
7.5MB
-
MD5
cb394a6f354f693a9236583fa445395b
-
SHA1
2ed6ddc7ad28f50aee0ae7561e49fecf5d8c4f38
-
SHA256
f9a60282724ecb92336187d3c5aa3d2f8c3c7e3fd235e351268eb509f24246df
-
SHA512
4bf152e4418ed3492b0638fc22f64adbbe030ff9afe3a7aef4fd0e94e6949b4938d7f0b2b724eb7301facd5364dd2769130871f48c45c5b3d742a000e62311e9
-
SSDEEP
196608:0ds1VjAXZARCfxSqCeHUn4XCGXhpTD0NvKZGsKijlT:0sfsJffsje0n4yGXhm5KZpBT
Score7/10-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-