Overview

overview

8

Static

static

URLScan

urlscan

1

https://google.com

windows10-2004-x64

8

Resubmissions

21-08-2022 14:53

220821-r9e39aahej 8

20-08-2022 19:34

220820-yajeysada3 8

18-08-2022 19:56

220818-ynvp5seac3 8

14-08-2022 21:38

220814-1hgbnsddf5 8

18-07-2022 04:40

220718-fajfvaafdl 1

18-07-2022 04:26

220718-e2lvlsaegj 8

16-07-2022 04:29

220716-e4rtmsgeg3 8

16-07-2022 03:58

220716-ejzczsgde2 8

11-07-2022 19:19

220711-x1h2facabn 10

10-07-2022 23:55

220710-3yffesdfan 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    https://google.com

  • Sample

    220716-ejzczsgde2

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      https://google.com

    Score
    8/10
    persistenceupx

    • Downloads MZ/PE file

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Sets service image path in registry

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

4
T1012

Peripheral Device Discovery

2
T1120

System Information Discovery

4
T1082

Remote System Discovery

1
T1018

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks