https://boosterx.ru

General

Target: https://boosterx.ru

Sample: 220521-sgtxdadagp

Score: 10/10
Targets

Target: https://boosterx.ru

Score: 10/10

Signatures

  • Modifies Windows Defender Real-time Protection settings
    TTPs: Modify Registry, Modify Existing Service, Disabling Security Tools

  • Modifies firewall policy service
    TTPs: Modify Registry, Modify Existing Service

  • Modifies security service
    TTPs: Modify Registry, Modify Existing Service

  • Suspicious use of NtCreateUserProcessOtherParentProcess

  • UAC bypass
    TTPs: Bypass User Account Control, Disabling Security Tools, Modify Registry

  • Modifies boot configuration data using bcdedit
    TTPs: Inhibit System Recovery

  • Modifies Installed Components in the registry
    TTPs: Registry Run Keys / Startup Folder, Modify Registry

  • Reads user/profile data of web browsers
    Description: Infostealers often target stored browser data, which can include saved credentials etc.
    TTPs: Data from Local System, Credentials in Files

  • Enumerates connected drives
    Description: Attempts to read the root path of hard drives other than the default C: drive.
    TTPs: Query Registry, Peripheral Device Discovery, System Information Discovery

  • Legitimate hosting services abused for malware hosting/C2
    TTPs: Web Service

  • Looks up external IP address via web service
    Description: Uses a legitimate IP lookup service to find the infected system's external IP.

  • Drops file in System32 directory

Tasks

static1

urlscan1

1/10