General

  • Target

    7f734ca6856681e74ac65b18dc5ee9224830a958d80f9630e4a335974c8dec3d

  • Size

    177KB

  • Sample

    191212-7aval24h4s

  • MD5

    ad978cb2e3dbee4ad6cddb0ed719db88

  • SHA1

    ab153086aeb1785b693fc8e62f42f051faf1a70f

  • SHA256

    7f734ca6856681e74ac65b18dc5ee9224830a958d80f9630e4a335974c8dec3d

  • SHA512

    fc5ff69d1a014c37d65ebd739e5d5db81d8bd0ab5d06c17e1f4c5636cbae5aff2772d49828de276cbdb6b494cf28aeb0958cf9b105f5774ec5308c47ad650288

Score
5/10

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

http://theaustinochuks.com/personal_array/kvrmif/

exe.dropper

http://sarafifallahi.com/wp-admin/uUXtpLhI/

exe.dropper

http://faustosarli.com/wp-admin/mYZW0/

exe.dropper

http://janejahan.com/wp-content/hqiw1u9/

exe.dropper

http://vikstory.ca/h/f2cgRvw/

Targets

    • Target

      7f734ca6856681e74ac65b18dc5ee9224830a958d80f9630e4a335974c8dec3d

    Score
    5/10
    • Checks system information in the registry

      System information is often read in order to detect sandboxing environments.

MITRE ATT&CK Matrix ATT&CK v6

Discovery

Query Registry

3
T1012

System Information Discovery

3
T1082
