hxxps://files777[.]com/pVr5J29b4b9d3927e49789a254b7c85c089cb4110575c?q=karate+olympics+2020&s2=kg6su9i612m | Triage

Submit
Reports

Overview

overview

Static

static

URLScan

urlscan

https://files777.com...

windows10_x64

9

Sharing

General

Target

https://files777.com/pVr5J29b4b9d3927e49789a254b7c85c089cb4110575c?q=karate+olympics+2020&s2=kg6su9i612m
Sample

201124-fgrqy1jzja

Score

10^/10

fakeflashupdate discovery evasion phishing

Static task

static1

URLScan task

urlscan1

Sample

https://files777.com/pVr5J29b4b9d3927e49789a254b7c85c089cb4110575c?q=karate+olympics+2020&s2=kg6su9i612m

Behavioral task

behavioral1

Sample

https://files777.com/pVr5J29b4b9d3927e49789a254b7c85c089cb4110575c?q=karate+olympics+2020&s2=kg6su9i612m

Resource

win10v20201028

discovery evasion

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  https://files777.com/pVr5J29b4b9d3927e49789a254b7c85c089cb4110575c?q=karate+olympics+2020&s2=kg6su9i612m
Score

9^/10

discovery evasion
- ServiceHost packer
  Detects ServiceHost packer used for .NET malware
- Executes dropped EXE
- Modifies Windows Firewall
  evasion
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- JavaScript code in executable
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

urlscan1

behavioral1

discoveryevasion

© 2018-2024

Terms | Privacy