920f3f32d3b216fe3eaf6ddb36d17869cb93dfeb2f12c336a5b4ef92b5ebc4bc | Triage

Submit
Reports

Overview

overview

8

Static

static

Cloudforce...ed.exe

windows10-1703-x64

8

Sharing

General

Target

Cloudforce-Revamped.exe
Size

9.7MB
Sample

221228-ksbaeach71
MD5

23fc489a1d8053f86afb29890313013a
SHA1

3028de0b672177fdd049b19fe40bf953727dd604
SHA256

920f3f32d3b216fe3eaf6ddb36d17869cb93dfeb2f12c336a5b4ef92b5ebc4bc
SHA512

4d109b4dd500e0a2f4a9a7ad671f2abf8ffb550d8f88ea1cb3ee62610ab4e7b97d4109715676c95e3faeb567ed0c0324d36a408c757239d1ead816feae84a03d
SSDEEP

196608:0gJgJg83HNhWAurOKYgUhRj+GKkyrt11lxym3YmOZdig7xT2pu:0gJgJg83HnWAcONgGSkwPnx1mR7xCM

Score

8^/10

Static task

static1

Behavioral task

behavioral1

Sample

Cloudforce-Revamped.exe

Resource

win10-20220812-en

windows10-1703-x64

19 signatures

1800 seconds

Malware Config

Targets

- Target
  
  Cloudforce-Revamped.exe
- Size
  
  9.7MB
- MD5
  
  23fc489a1d8053f86afb29890313013a
- SHA1
  
  3028de0b672177fdd049b19fe40bf953727dd604
- SHA256
  
  920f3f32d3b216fe3eaf6ddb36d17869cb93dfeb2f12c336a5b4ef92b5ebc4bc
- SHA512
  
  4d109b4dd500e0a2f4a9a7ad671f2abf8ffb550d8f88ea1cb3ee62610ab4e7b97d4109715676c95e3faeb567ed0c0324d36a408c757239d1ead816feae84a03d
- SSDEEP
  
  196608:0gJgJg83HNhWAurOKYgUhRj+GKkyrt11lxym3YmOZdig7xT2pu:0gJgJg83HnWAcONgGSkwPnx1mR7xCM
Score

8^/10
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Web Service

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy