Overview

overview

10

Static

static

561b9ded07...35.exe

windows7-x64

10

561b9ded07...35.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    561b9ded0711d8bb3a6f4727ca62c9713d18c937abb4ac69b7310e4f07448635

  • Size

    772KB

  • Sample

    220725-ggxgqahddk

  • MD5

    3702f63230e2cfd3e0b343fad2234e6b

  • SHA1

    4c5e6575c2364cda2ec3010180542f7dcc458c8d

  • SHA256

    561b9ded0711d8bb3a6f4727ca62c9713d18c937abb4ac69b7310e4f07448635

  • SHA512

    0bfbfa33f170e029a71d6ccac581b9cdff4cd3db1f043375d547f801643980292a85c139c2e3bd2d72ed043400f688f15832182fc9a9660961d7f75dbc2a22e1

Score
10/10
persistencesuricata

Malware Config

Targets

    • Target

      561b9ded0711d8bb3a6f4727ca62c9713d18c937abb4ac69b7310e4f07448635

    • Size

      772KB

    • MD5

      3702f63230e2cfd3e0b343fad2234e6b

    • SHA1

      4c5e6575c2364cda2ec3010180542f7dcc458c8d

    • SHA256

      561b9ded0711d8bb3a6f4727ca62c9713d18c937abb4ac69b7310e4f07448635

    • SHA512

      0bfbfa33f170e029a71d6ccac581b9cdff4cd3db1f043375d547f801643980292a85c139c2e3bd2d72ed043400f688f15832182fc9a9660961d7f75dbc2a22e1

    Score
    10/10
    persistencesuricata

    • suricata: ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz

      suricata: ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz

      suricata

    • Executes dropped EXE

    • Creates a Windows Service

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks