General

  • Target

    229bc74efaec13853ed9774d20581e3e56221d26f17c6ff6221722d9dfa80ba5

  • Size

    1.7MB

  • Sample

    220520-hx4reafbb8

  • MD5

    06bbfa0b1d4501bb3cb1f2ecf6210f1b

  • SHA1

    411efc60840edc3f847ac3388f9143872b9c8e8c

  • SHA256

    229bc74efaec13853ed9774d20581e3e56221d26f17c6ff6221722d9dfa80ba5

  • SHA512

    64b8e0148fad4be361969ad52605e7e67d0b379a2b5524a0a6f21496d2c17d6ac297545e88e12a3ec286e4b828aeafe0c700f17c6e9955ed34a1975a44168cb4

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

http://interfaces.core.sw.bps.com/

Targets

    • Target

      virtual_freer_v1.58/back/cards.php

    • Size

      22KB

    • MD5

      dcc8c1c2a8101c0a2fdbfba419abd8b3

    • SHA1

      48b432e1f26446ad2a1b06606bcd9b2b8f871337

    • SHA256

      81a0b4177d24b49b74709d6035713f9398fd6230ba00855f7200734ea18be413

    • SHA512

      abeef69d9f1d55786f053b985fc5d29e41ee73c81c7b3016e503ae655b3c30628b43ba32e7a17d57808226e0b1d63380ceb62c271c73c6b0354803eb2ecec1fe

    Score
    1/10
    • Target

      virtual_freer_v1.58/back/categories.php

    • Size

      13KB

    • MD5

      c405a726372ea0e2099e281004d258fa

    • SHA1

      13f3a01b9d63046ed7ab9f22cb598580580a842d

    • SHA256

      54d4349d91040b0e384132640f203a5e3fab9249221ffa51f4f058ce7d199663

    • SHA512

      e3ad7e8249b273b60735990e204ff1a2a546dcd156f640230921dbd32a9078d79989ac82d775224cc0bf596a6ad32d71e2931843f1975ee71f680d42f271dd2b

    Score
    1/10
    • Target

      virtual_freer_v1.58/back/payments.php

    • Size

      14KB

    • MD5

      f48b611c38db63ab15312a6003e30e50

    • SHA1

      4e266e0998b6f93daf8db58cb51353b47786c47d

    • SHA256

      25e9d9406ddd02669c0a010618f05b1feb7c466faac283c4e43e8b5614d8aa63

    • SHA512

      c6106adf78b37cf7609a95f00701f07b4bfa5aa8b535168106fdadbbce7fc1f85f58833571f9f442128f56731f736a70619c55a2f62ba8bf83f00c093ff796c9

    Score
    1/10
    • Target

      virtual_freer_v1.58/back/plugins.php

    • Size

      4KB

    • MD5

      0e345efa8ad6f80317d2d78ceefd01ea

    • SHA1

      4ebc3394b116f156830a65acbaf2f0b0a39bdf5f

    • SHA256

      edb4f7476ccd8e2e0019bff6a5afaa017fdc185d3e9431e2d9b34779e8162eaa

    • SHA512

      70227975eb27a4e8c7d9ea0acfa438c865f56a84036948037e8edaafeb71c969c2e7413bd6f85609311a9da7068e152759ce868f34d0cf30cc580222218ef14c

    Score
    1/10
    • Target

      virtual_freer_v1.58/back/products.php

    • Size

      17KB

    • MD5

      d896943f8f33a1a4da9de18e6a109245

    • SHA1

      a803f5660a369ad75c1ef4c37d8ced50c67771e9

    • SHA256

      c611eaca6667097bdbf9fdee60d34ecd506fe37e92e7980bcd733cfa43d274e6

    • SHA512

      ddac6c113a2318f869fd8a48ddf2a58df1d0614bb11a2ea752168356434e4263899bb0156b664308f41172a57e8b24266e8729d813a358bc29041438487a97fb

    Score
    1/10
    • Target

      virtual_freer_v1.58/back/setting.php

    • Size

      9KB

    • MD5

      4de52162c06221bfeba0924b613494ab

    • SHA1

      702fb237e3d3c95c7bbabb079bf154f08aaaf756

    • SHA256

      8bc9a3adcb4ef7a8162934a5a448d6b08452f68740ece55deee5245941a8bdaa

    • SHA512

      cb1dbecf94117c6dc4dc24e6a8e2de089a3ab381451126455e98e5a5af944544875129ceeaa03711095468595e44c31c5122f5063b2f98636677371ba586b7fa

    Score
    1/10
    • Target

      virtual_freer_v1.58/back/template/header.php

    • Size

      6KB

    • MD5

      59d7f57dfdd5dbc1360cf023f594a093

    • SHA1

      232a4bf1d522e31426125df1431a47e72339f73d

    • SHA256

      70a910e317a8ed64f5a051b339a1bc671813a11140e6f7b0bb0e75e01fb9b88f

    • SHA512

      ea30e21638808473923deeebc78c35343a0806ce7be2302b33214734c228ddbb2e1e83299196196c49d1e08c43b1b5f5439c4935103072c5603a6247e1815f0e

    Score
    1/10
    • Target

      virtual_freer_v1.58/back/template/index.html

    • Size

      123B

    • MD5

      6b37309700ffdd85eed2431b5dfd3bb1

    • SHA1

      2eaf914fe507a09f321684b8add29b94cee50db3

    • SHA256

      c703afa89e7517dd5020ac2960b7e14b44d4010ef02d5e0f6e34b9629935a3ce

    • SHA512

      79211ac08ef90a01c9ab0bbb2f2bc437b696c9f5b1193c1d98659428ea3ba5a1db7a6659d8b14f5c4184c577ef6caff456439654b84c986740e7a2a50bd92060

    Score
    1/10
    • Target

      virtual_freer_v1.58/callback.php

    • Size

      8KB

    • MD5

      8236f4cb9ad4204ef295b2f9129d1e94

    • SHA1

      6393374e5f281f71f290af4a5d034737ed5ed4a5

    • SHA256

      e6802e0fea8e1ab71f534ee9b3fb86dc20596a287ea0411a3e0b5eb672764faa

    • SHA512

      089b23220bb79aef2622f72c3ce27fcad896865e0ca7c2959e8f94a8f0e808efcda35f28f4d6bab61b6c4b3a0fb635b3c7d13d431eb0b968ad551a40c091bbc0

    Score
    1/10
    • Target

      virtual_freer_v1.58/guide.pdf

    • Size

      289KB

    • MD5

      465298d9fade6033fea704c4c2b7d518

    • SHA1

      d1fad500d6e145b008297bd2575e69c77f3a03da

    • SHA256

      342ab8f1cb7c43c193acc00216a0c5137fdc00204c9fac6d354e529362cf2870

    • SHA512

      bb8eff0031642c3f0b4f5ba6cfec295eb5281725867b93609c346b66d61e57b2280354e3c88954574ba30c912e39a673c74b969727001522532889e7152fe7d6

    Score
    1/10
    • Target

      virtual_freer_v1.58/include/funks.php

    • Size

      16KB

    • MD5

      2f76858cadb1c933ecf66e9beb481cc2

    • SHA1

      ea479afe5d35562dd9323b147559eb713a84013d

    • SHA256

      78af615c9a9eec910e4e8f2a5afb26c70538d2016f37f140b03dc79763ad33f4

    • SHA512

      d61b0f603b6262cc25d3fda2c8e068017bd6ac0f137c41440f69ae8c9800f4daf19b87bf226f492ddcacb30639acb5774ce8c1378f96ada359c48c52888370fe

    Score
    1/10
    • Target

      virtual_freer_v1.58/include/index.html

    • Size

      123B

    • MD5

      6b37309700ffdd85eed2431b5dfd3bb1

    • SHA1

      2eaf914fe507a09f321684b8add29b94cee50db3

    • SHA256

      c703afa89e7517dd5020ac2960b7e14b44d4010ef02d5e0f6e34b9629935a3ce

    • SHA512

      79211ac08ef90a01c9ab0bbb2f2bc437b696c9f5b1193c1d98659428ea3ba5a1db7a6659d8b14f5c4184c577ef6caff456439654b84c986740e7a2a50bd92060

    Score
    1/10
    • Target

      virtual_freer_v1.58/include/libs/class.phpmailer.php

    • Size

      75KB

    • MD5

      5c97047537ce832f2916f1c975b5edb4

    • SHA1

      38a805aec6403b8873df8fcede84ccbd8e37f7f2

    • SHA256

      4dd6cacd7aae9245e3deda8c0ce5801397b8869e2440a606e1da737821445efa

    • SHA512

      afdc5fb4cc3836bb26121e9960acd3db4e8103db6f41d4a402086efdcd00d65ca92050488cbab3e897c1e195636925ff281be3ee2f38ed7c758c0524ac2d0e8e

    Score
    1/10
    • Target

      virtual_freer_v1.58/include/libs/class.smtp.php

    • Size

      29KB

    • MD5

      9618d989144adb4bb7b3f8e22c4039dd

    • SHA1

      33a47be4da7ff19b02cc9f4ef26f2a0148b3f6f8

    • SHA256

      2a33769f985d9cf043e92aa4fb306a6e364970c828922c8455212d822cd543b7

    • SHA512

      41f5e03a9e2fa1d31d26a3a5f4b91a118ca78d87dc8d8f5f8f0690ed191fd355ddbf80afbe1c394c709fb7dbffdf23e185fc23aecedbc73be1ef4690f958b958

    Score
    1/10
    • Target

      virtual_freer_v1.58/include/libs/index.html

    • Size

      123B

    • MD5

      6b37309700ffdd85eed2431b5dfd3bb1

    • SHA1

      2eaf914fe507a09f321684b8add29b94cee50db3

    • SHA256

      c703afa89e7517dd5020ac2960b7e14b44d4010ef02d5e0f6e34b9629935a3ce

    • SHA512

      79211ac08ef90a01c9ab0bbb2f2bc437b696c9f5b1193c1d98659428ea3ba5a1db7a6659d8b14f5c4184c577ef6caff456439654b84c986740e7a2a50bd92060

    Score
    1/10
    • Target

      virtual_freer_v1.58/include/libs/nusoap.php

    • Size

      290KB

    • MD5

      0824d2ec824d9591cbab4fc60ace2441

    • SHA1

      55c6335109680ad9c1c4bfcb5e97f22a743e101c

    • SHA256

      6e93484bb2104e57de46636dede8c87c97afdd236e2c3096b936b917c2186d11

    • SHA512

      40d9be09423fc9afa46bc47e6cbddc6eb34a76dfb1c8ee3f0027d5cd29c0c6241d7f55922e9aa7ece4403538668fc8215cd46ad9621195f280dd758bf984c80a

    Score
    1/10

MITRE ATT&CK Matrix (ATT&CK v6)

Defense Evasion

Modify Registry

4
T1112

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Tasks