ioc[.]one - OSINT Cyber Threat Intelligence Database

Unpacking yet another .NET crypter | Malwarebytes Labs

Tags

attack-pattern:

Data Malware - T1587.001 Malware - T1588.001 Process Hollowing - T1055.012 Python - T1059.006 Tool - T1588.002 Process Hollowing - T1093

Show in Graph

Common Information

Type	Value
UUID	d9479b61-53d5-4bea-919a-22b985f8d912
Fingerprint	2e4119b9a13fb47d
Analysis status	DONE
Considered CTI value	2
Text language
Published	July 29, 2016, midnight
Added to db	Jan. 18, 2023, 8:35 p.m.
Last updated	Nov. 14, 2024, 8:09 a.m.
Headline	Unpacking yet another .NET crypter
Title	Unpacking yet another .NET crypter \| Malwarebytes Labs
Detected Hints/Tags/Attributes	24/1/11

Source URLs

	Redirection	Url
Details	Source	https://blog.malwarebytes.com/threat-analysis/2016/07/unpacking-yet-another-net-crypter/

URL Provider

Details	Provider	Source level domain
Details	malwarebytes.com	blog.malwarebytes.com

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	31		hshrzd.wordpress.com
Details	File	70		vbc.exe
Details	File	103		regasm.exe
Details	File	48		applaunch.exe
Details	File	380		notepad.exe
Details	File	1		msil_dec.py
Details	File	55		payload.exe
Details	md5	1		388548d34807fee28dede8b411063927
Details	md5	1		3a5cc47413cd815b44a0329100e552da
Details	md5	1		07a08cf5211665dfcd090e7bab6c8608
Details	Url	28		https://hshrzd.wordpress.com