Overview

overview

10

Static

static

File.exe

windows10-2004-x64

10

Resubmissions

14-11-2022 04:15

221114-evjrnshh2t 10

17-07-2022 06:05

220717-gtf1hagcf3 10

02-07-2022 06:53

220702-hn2kpadhcp 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    File.exe

  • Size

    275KB

  • Sample

    220717-gtf1hagcf3

  • MD5

    bdc781f3ff4937a9f53d0af613d00002

  • SHA1

    0e1a3279035daa3d0681fd24e2a7c1d446882054

  • SHA256

    bbf8dbb3ca59a60f20438cabbb16449bdecbfa4c6347172a6e20c3639dd4e2fd

  • SHA512

    c7311fc23ca7d6552dcf759aed5bd000df04ac78d672d6cab2ee7976301714a96773dda7c0b76e6abc26f4852318a02218e549cd1e392fbbd59bf56a5e28e145

Score
10/10
privateloaderloader

Malware Config

Extracted

Family

privateloader

C2

http://212.193.30.45/proxies.txt

http://85.202.169.116/server.txt

pastebin.com/raw/A7dSG1te

http://wfsdragon.ru/api/setStats.php

85.202.169.116

Targets

    • Target

      File.exe

    • Size

      275KB

    • MD5

      bdc781f3ff4937a9f53d0af613d00002

    • SHA1

      0e1a3279035daa3d0681fd24e2a7c1d446882054

    • SHA256

      bbf8dbb3ca59a60f20438cabbb16449bdecbfa4c6347172a6e20c3639dd4e2fd

    • SHA512

      c7311fc23ca7d6552dcf759aed5bd000df04ac78d672d6cab2ee7976301714a96773dda7c0b76e6abc26f4852318a02218e549cd1e392fbbd59bf56a5e28e145

    Score
    10/10
    privateloaderloader

    • PrivateLoader

      PrivateLoader is a downloader sold as a pay-per-install malware distribution service.

      loaderprivateloader

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks