Overview

overview

10

task1

 

10

task2

 

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Malware Samples(2).zip

  • Size

    11.3MB

  • Sample

    200101-1ltvh4rn42

  • MD5

    40cb422a49bfa7ae143156f73dba4149

  • SHA1

    6d97ee9291d0b9ad64e2c8da30c945dfa706809d

  • SHA256

    560d99887286ea550542c684b208ab356394e22d45571c64765653543fbf1dd3

  • SHA512

    88f6fddb6f39766fad335cf19f3a0ad364b8938a1d8714b5a7bb5a01fe1473292d66730211e530d34f0350fb2ea3ffb202fe63635e6e3147fef50d7667d5efa4

Score
10/10
evasionspywaretrojan

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

https://maelkajangcanopy.com/wp-admin/JBiRPnVvr/
exe.dropper

https://stylewebcruze.online/images/WLReuvW/
exe.dropper

https://stperformance.co.uk/wp-admin/toubufsC/
exe.dropper

http://jandmadventuring.servermaintain.com/wp-content/uploads/cjy4-j423i30-616378266/
exe.dropper

https://www.liuxuebook.com/wp-content/BEtxnxQWn/

Targets

    • Target

      VTDLd0e4b059d5c97b52ec3da799066cf7a7.danger

    • Size

      198KB

    • MD5

      d0e4b059d5c97b52ec3da799066cf7a7

    • SHA1

      f7bdd2737c25fd1791daaa36b00b3a10e24fae0b

    • SHA256

      c1ee6f52318aedaf24c2965c71943dd9a0e6864dc20fcf2ee9f43dbd52e746c8

    • SHA512

      f05cfeae97630ac3f9c192cdf0c32f4b63f58f4d320e5a1b6592afa4197ea7913cfea7b23316a7403ef65fc431e0460c9547e35d443c1fb63b97f68b6865811e

    Score
    10/10
    evasionspywaretrojan

    • Process spawned unexpected child process

    • Modifies system certificate store

      evasionspywaretrojan

    • Drops file in System32 directory

    task1task2

MITRE ATT&CK Enterprise v6

Tasks