Overview

overview

5

task1

 

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cc686aa36e1fde83f5e090c32dde43260d5e04e3e6a7e71541e683ce2a43c566

  • Size

    178KB

  • Sample

    191212-6zcgevhban

  • MD5

    42380357e150e54573b0655e91e1b214

  • SHA1

    e3905a4f6e200efcf16f020e460f1486c5291046

  • SHA256

    cc686aa36e1fde83f5e090c32dde43260d5e04e3e6a7e71541e683ce2a43c566

  • SHA512

    2a3b9718a35dfb5a8c92b97d9f9713752ec12a616463a557e76fd753b4d551731113cdd8d63a9ac2c742619356842c2cdf06e4ee2958c93a778154020356f66e

Score
5/10

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

http://theaustinochuks.com/personal_array/kvrmif/
exe.dropper

http://sarafifallahi.com/wp-admin/uUXtpLhI/
exe.dropper

http://faustosarli.com/wp-admin/mYZW0/
exe.dropper

http://janejahan.com/wp-content/hqiw1u9/
exe.dropper

http://vikstory.ca/h/f2cgRvw/

Targets

    • Target

      cc686aa36e1fde83f5e090c32dde43260d5e04e3e6a7e71541e683ce2a43c566

    • Size

      178KB

    • MD5

      42380357e150e54573b0655e91e1b214

    • SHA1

      e3905a4f6e200efcf16f020e460f1486c5291046

    • SHA256

      cc686aa36e1fde83f5e090c32dde43260d5e04e3e6a7e71541e683ce2a43c566

    • SHA512

      2a3b9718a35dfb5a8c92b97d9f9713752ec12a616463a557e76fd753b4d551731113cdd8d63a9ac2c742619356842c2cdf06e4ee2958c93a778154020356f66e

    Score
    5/10

    • Checks system information in the registry

      System information is often read in order to detect sandboxing environments.

    task1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

3
T1012

System Information Discovery

3
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks