Overview

overview

10

Static

static

f267ef9391...81.exe

windows7_x64

10

f267ef9391...81.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f267ef939162249312b0bc6dac0113637a6937dcb65f0c39db397ee60378a681

  • Size

    524KB

  • Sample

    220305-zsqgnaahfn

  • MD5

    89f32d59706dc910bdd05f198d6544d4

  • SHA1

    e4e79d4887d1ab43b2c6ee10189efb1130dde1ea

  • SHA256

    f267ef939162249312b0bc6dac0113637a6937dcb65f0c39db397ee60378a681

  • SHA512

    1df27d3c31599cdcfd593614de3ff7ef3c72253a8821371a1bf6729a20269b22e4d86473ff5774d0e1b5accdbe4367a97d8c06746fadc930821d45b21c834445

Score
10/10
discoverysuricata

Malware Config

Targets

    • Target

      f267ef939162249312b0bc6dac0113637a6937dcb65f0c39db397ee60378a681

    • Size

      524KB

    • MD5

      89f32d59706dc910bdd05f198d6544d4

    • SHA1

      e4e79d4887d1ab43b2c6ee10189efb1130dde1ea

    • SHA256

      f267ef939162249312b0bc6dac0113637a6937dcb65f0c39db397ee60378a681

    • SHA512

      1df27d3c31599cdcfd593614de3ff7ef3c72253a8821371a1bf6729a20269b22e4d86473ff5774d0e1b5accdbe4367a97d8c06746fadc930821d45b21c834445

    Score
    10/10
    discoverysuricata

    • suricata: ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz

      suricata: ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz

      suricata

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks