Overview

overview

10

Static

static

URLScan

urlscan

https://cryptomoneyi...

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    https://cryptomoneyinsider.biz/cryptopayself?cpm_id=108012425&cpm_cost=0.0015

  • Sample

    201122-alnv3aam4j

Score
10/10

Malware Config

Targets

    • Target

      https://cryptomoneyinsider.biz/cryptopayself?cpm_id=108012425&cpm_cost=0.0015

    Score
    10/10

    • Suspicious use of NtCreateProcessExOtherParentProcess

    • ServiceHost packer

      Detects ServiceHost packer used for .NET malware

    • Blacklisted process makes network request

    • Executes dropped EXE

    • Program crash

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks