General

  • Target

    3e35f97cbb3fc7c49c7bd5f298f6f067942930a32790e8f320d28826e11d741d

  • Size

    174KB

  • Sample

    191212-fvh92thkbj

  • MD5

    f50ff0b58b7abcea44fe2acdc619353b

  • SHA1

    eabfed7e335f0f0117c7dc97ee8941fb720fb46d

  • SHA256

    3e35f97cbb3fc7c49c7bd5f298f6f067942930a32790e8f320d28826e11d741d

  • SHA512

    e12ccf028d63c9b18af716be0b5b00586330b7dca4f4de96edd9bcae06f2088a273b58dd8f5955020c13bc3cfd65f02f1fc1d78d33d43a9ebcd204102e77746e

Score
5/10

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

http://polandpresents.info/libraries/65284EU/

exe.dropper

http://nbnglobalhk.com/cgi-bin/32n2/

exe.dropper

http://armgroup101.com/Old1/cpfa/

exe.dropper

https://pasadenacf.org/wp-content-orig/akzk9i/

exe.dropper

http://armanchemical.com/wp-content/9Bg1ybsr/

Targets

    Score
    5/10
    • Checks system information in the registry

      System information is often read in order to detect sandboxing environments.

MITRE ATT&CK Matrix ATT&CK v6

Discovery

Query Registry

3
T1012

System Information Discovery

3
T1082

Tasks