Overview

overview

8

Static

static

URLScan

urlscan

1

https://google.com

windows7-x64

8

Resubmissions

21-08-2022 14:53

220821-r9e39aahej 8

20-08-2022 19:34

220820-yajeysada3 8

18-08-2022 19:56

220818-ynvp5seac3 8

14-08-2022 21:38

220814-1hgbnsddf5 8

18-07-2022 04:40

220718-fajfvaafdl 1

18-07-2022 04:26

220718-e2lvlsaegj 8

16-07-2022 04:29

220716-e4rtmsgeg3 8

16-07-2022 03:58

220716-ejzczsgde2 8

11-07-2022 19:19

220711-x1h2facabn 10

10-07-2022 23:55

220710-3yffesdfan 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    https://google.com

  • Sample

    220716-e4rtmsgeg3

Score
8/10
evasionpersistence

Malware Config

Targets

    • Target

      https://google.com

    Score
    8/10
    evasionpersistence

    • Executes dropped EXE

    • Modifies Windows Firewall

      evasion

    • Drops startup file

    • Adds Run key to start application

      persistence

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Replication Through Removable Media

1
T1091

Execution

Persistence

Modify Existing Service

1
T1031

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Replication Through Removable Media

1
T1091

Collection

Exfiltration

Command and Control

Impact

Tasks