General

  • Target

    9411b56851abc2b2c215553b8dbe35c8ddc4e8e0494a9f3057d9e5dc213f9bb1

  • Size

    178KB

  • Sample

    191212-sjs17ptrre

  • MD5

    5599ce0c81d4fd4d9449cefcf2d18ce9

  • SHA1

    04a5cb62a311026fa7e241340bb956823426519b

  • SHA256

    9411b56851abc2b2c215553b8dbe35c8ddc4e8e0494a9f3057d9e5dc213f9bb1

  • SHA512

    f68b38ac162f85d4c8b16af38a333afaf308e71edeb2ec3cf38f3f47474f0bbf5c920f635787a1eb424504b235720d885c3bec598290139caa5ab4dc8002ed42

Score
8/10

Malware Config (Extracted)

  • Language

    ps1

  • Source

    URLs

  • exe.dropper URLs

    http://theaustinochuks.com/personal_array/kvrmif/
    http://sarafifallahi.com/wp-admin/uUXtpLhI/
    http://faustosarli.com/wp-admin/mYZW0/
    http://janejahan.com/wp-content/hqiw1u9/
    http://vikstory.ca/h/f2cgRvw/

Targets

    • Executes dropped EXE

    • Checks system information in the registry

      System information is often read in order to detect sandboxing environments.

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

Query Registry

3
T1012

System Information Discovery

3
T1082

Tasks