General

  • Target: 1cf76618b0a66ed08c90f62b5bb72789d0552632e669c394668699933f503602
  • Size: 183KB
  • Sample: 191213-vy2ltkqef2
  • MD5: 38c3e2dfba9fb147619b1ac0656c9324
  • SHA1: 19a76c0881ba416cc553734de58d3acba969e497
  • SHA256: 1cf76618b0a66ed08c90f62b5bb72789d0552632e669c394668699933f503602
  • SHA512: d1baf906c461bac9871d01567c3a9034654ce33e49aea60d0093653b6c897fa1b6ea7af26be25faf8330339016db026bb6df706a73ee4e7d1388fbdd3f04e639

Score
8/10

Malware Config

Extracted

Language
ps1
Source
URLs

Targets

    • Executes dropped EXE

    • Checks system information in the registry

      System information is often read in order to detect sandboxing environments.

MITRE ATT&CK Matrix (ATT&CK v6)

  • Discovery: Query Registry, T1012 (3)
  • Discovery: System Information Discovery, T1082 (3)
