General

  • Target

    a038cf5f99d17df1e223aaf2f5f80b4b4a440a4e

  • Size

    209KB

  • Sample

    191018-7wl797zm62

  • MD5

    c2af6d564b13af07b536e592dc0ac4d4

  • SHA1

    a038cf5f99d17df1e223aaf2f5f80b4b4a440a4e

  • SHA256

    ba6af8e68fc67d929a1567eef3a86c1ba481f4f55ee203a17b4e0ee81ec58f41

  • SHA512

    d5e402e4ec1f7444a5487f86a4ae2a7d612fee5ad7ff395ac7c6fbe74271d5435de61c8459241d0e9b2b9b6b4e81f6a9219b5863d9897675b01a08ac06940348

Score
10/10

Malware Config

Extracted

Family

ursnif

Botnet

1000

C2

http://weekends-estate.xyz

rsa_pubkey.base64
serpent.plain

Targets

    • Target

      a038cf5f99d17df1e223aaf2f5f80b4b4a440a4e

    • Size

      209KB

    • MD5

      c2af6d564b13af07b536e592dc0ac4d4

    • SHA1

      a038cf5f99d17df1e223aaf2f5f80b4b4a440a4e

    • SHA256

      ba6af8e68fc67d929a1567eef3a86c1ba481f4f55ee203a17b4e0ee81ec58f41

    • SHA512

      d5e402e4ec1f7444a5487f86a4ae2a7d612fee5ad7ff395ac7c6fbe74271d5435de61c8459241d0e9b2b9b6b4e81f6a9219b5863d9897675b01a08ac06940348

    Score
    10/10
    • ursnif family

    • Windows security modification

    • Checks system information in the registry (likely anti-VM)

    • Modifies service

MITRE ATT&CK Enterprise v6

Tasks