Overview

overview

10

Static

static

good5.exe

windows7_x64

10

good5.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    good5.exe

  • Size

    134KB

  • Sample

    201109-16zk2rxprn

  • MD5

    5f3450647a951c4c8a262f603ca8aabf

  • SHA1

    0dc1e18dc14a9e6d5dedf644b4d690075e77bbff

  • SHA256

    ea05817e0614fd085e2775d01e7197e93bde58cf57789aeb49ed39f6c295973c

  • SHA512

    8f2eff9a18b27b3bce75f9b7c0c0b3d947344c7acd71e54ee398ca15b089f1000dbb1643ad2c8d0d21dccf5dc54fd4af7c15e3a4cafa150dd8e13bcb5a8e04e0

Score
10/10
ostapdownloaderpersistence

Malware Config

Targets

    • Target

      good5.exe

    • Size

      134KB

    • MD5

      5f3450647a951c4c8a262f603ca8aabf

    • SHA1

      0dc1e18dc14a9e6d5dedf644b4d690075e77bbff

    • SHA256

      ea05817e0614fd085e2775d01e7197e93bde58cf57789aeb49ed39f6c295973c

    • SHA512

      8f2eff9a18b27b3bce75f9b7c0c0b3d947344c7acd71e54ee398ca15b089f1000dbb1643ad2c8d0d21dccf5dc54fd4af7c15e3a4cafa150dd8e13bcb5a8e04e0

    Score
    10/10
    ostapdownloaderpersistence

    • Ostap JavaScript Downloader

      Ostap is a JavaScript downloader that's been active since 2016. It's used to deliver several families, inluding TrickBot

    • ostap

      Ostap is a JS downloader, used to deliver other families.

      downloaderostap

    • Adds Run key to start application

      persistence

    • JavaScript code in executable

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks