General

  • Target: b5a08616de54d1c16e34827053fbdfa6933ebc44c62d6cca06e1f3edb83b035c
  • Size: 73KB
  • Sample: 191212-cy95p1s74s
  • MD5: f46de8b92dd270a9558337f60860a9d5
  • SHA1: 885dcccf94484527ba52fe2c67f01f903fe6a6f6
  • SHA256: b5a08616de54d1c16e34827053fbdfa6933ebc44c62d6cca06e1f3edb83b035c
  • SHA512: ac4038e12aad54a9876633ce82316aeefcadc58b87c45a33ed5518d581d47cf03d82b0b1f058122b5b1e370db5089bdf55630fd19aa8472de2b172f4cf3a1fd1

Score: 8/10

Malware Config

Extracted

  • Language: ps1
  • Source URLs (each of type exe.dropper):
    https://gizelemonteiro.com/wp-admin/5f8818855/
    https://edu.widion.com/wp-admin/vhds4257/
    http://mainguardmatrimony.com/wp-content/ak36/
    http://www.mediahubml.com/sdccrecap/2d84774/
    https://www.oshodrycleaning.com/aspnet_client/E/b2em3bp37795/

Targets

    • Executes dropped EXE

    • Checks system information in the registry

      System information is often read in order to detect sandboxing environments.

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

  • Query Registry (T1012): 3
  • System Information Discovery (T1082): 3
