General

  • Target

    SCAN-308928.zip

  • Size

    415KB

  • Sample

    220617-v739vafcg4

  • MD5

    9e744e1183217699de51febe2b4f9e7e

  • SHA1

    55b2915394a28eb34d836091ad325bd31520bf3f

  • SHA256

    6e17651f1f06f4ddc06650b87dc17de1660db8c457d621296665d84be279ac79

  • SHA512

    89f68eb7cc0ab25d7ccc773f70ebe84882dcc1e429696f103dbc4f01bd395c49e419fe4cb87d85ddb3649f88a8a7e0784238e8025125c09707b7fa4039292025

Score
10/10

Targets

    • Target

      SCAN-308928.html

    • Size

      936KB

    • MD5

      4fa012174f4858a0a0220466d6b7b832

    • SHA1

      b4e17de0b0579c0bead99f252635e19686335c69

    • SHA256

      df9fcc3c8b20c1bbe485985afdc0b13af5de43309cb541e7359071d3c01cfbc8

    • SHA512

      f47d2786021f164d381cb0683ba00570636d673bd208a1407eb1d414003bcd66c0d3b392f33f0c195ca4c9904831b60819618eb20dc3145607725793e59ea6c0

    Score
    10/10
    • Matanbuchus

      A loader sold as MaaS first seen in February 2021.

    • Blocklisted process makes network request

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
