47dd3b96d620554569a957c1571b202f224a6ba2432cee71530613e1743fc0ac

Sharing

Copy URL

Twitter E-mail

General

Target

SpotX-Win-main.zip
Size

59KB
Sample

230104-q9hcyagd54
MD5

d0df12f3803374096e06a15cc2bbc95d
SHA1

71bf3bdb191a7b9e1114d0ed5d3b4fa9d7b10681
SHA256

47dd3b96d620554569a957c1571b202f224a6ba2432cee71530613e1743fc0ac
SHA512

0820fa12bdb4d6af6ae705efbdc8001099299885c384587e1ddceb729d8834eca616cd5e85b2bb979f34c588b1557fccaecdaac9a47a08a94524cea1b4dee97a
SSDEEP

768:w9iuuDb4gKzJ2Gy6cZEYcDjpvf0/Mzj+cDweVbocKz1mQgHv6mOGUGlcWct5o0tw:w9ZuHhKzJZylEnDjFf0kFVofmOGUbWj

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  SpotX-Win-main/.github/ISSUE_TEMPLATE/bug_report.yml
- Size
  
  2KB
- MD5
  
  6259f5c5e7aea4c23cc960e2b89602b0
- SHA1
  
  02b5163640b08a11f89ee819a2db35ac6778765b
- SHA256
  
  4092eaa0fd3125ac217c5be7e9d6ab92c9a56fa63f9db14f8d068ff32e4eeaf4
- SHA512
  
  c5bead3385a86fab7b705cbe70fa70f058d7ba5688b80c76a5cbbe4ac718a9b0b8c849aba94ec7175ec0f51c34eaca045c35c4cd4d3d999a9d46a3e0b76559b5
Score

1^/10
behavioral1
- Target
  
  SpotX-Win-main/.github/cutt/test-cutt.txt
- Size
  
  4B
- MD5
  
  098f6bcd4621d373cade4e832627b4f6
- SHA1
  
  a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
- SHA256
  
  9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
- SHA512
  
  ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff
Score

1^/10
behavioral2
- Target
  
  SpotX-Win-main/Install.bat
- Size
  
  332B
- MD5
  
  dff84ca99df0b5e3dd96966d340b1821
- SHA1
  
  e70941bd9de9d95b4f6dc951ab6e87d5e87e9eab
- SHA256
  
  d93d5704ae00dff90158c387377933da0492736172a2104755dde20cd940cab1
- SHA512
  
  6f60e76701f3d3461f2d400037e5cf44ac29448d6009036419b4dc4cfe0e3617ec5d2728d4dd1371bd86a442eecdf9c5a4b85a12fa39082a75d4d5880eb7b98a
Score

8^/10
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral3
- Target
  
  SpotX-Win-main/Install.ps1
- Size
  
  62KB
- MD5
  
  0bc616fccd3c52f16ae7dd1a9b2d65d5
- SHA1
  
  57cb9ab4ca8fab342d78258cb2c5fee89e4b82ab
- SHA256
  
  d391684411a13ab3d1c32f39671cbd5f870cbc5d566cb44dd0ea9da45198a166
- SHA512
  
  3aa0dabf65386b1b8d7e5337463edc1ad5aa8f5e2ee13c9e539bb0f4307aa69521276beb4bb0a30cbf2d2d93161c5ee0907e17ff698324e47982574d19fe14a1
- SSDEEP
  
  768:wI1okgW9S8340QkG6eNMQ7Ns0eUqIdiyISieyricWL2WCrCccDhLgqFUWAVTsIDc:t1QhOj5OH7u+j
Score

8^/10
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
behavioral4
- Target
  
  SpotX-Win-main/scripts/Install_Auto.bat
- Size
  
  449B
- MD5
  
  ae5b5329e4bda4d1525d5e1302e424db
- SHA1
  
  dba437425472d5e18bfb3cffe7f4d10d3d47d71a
- SHA256
  
  c5f45c9754466e9fb50d797c11ab4d62621a268cb269d8b1b9b343b979ce584b
- SHA512
  
  d3ac64a1ff59ec69cc5d91b2eb16e2ee3773184da8060974ac0b1b4aac33b0db2423fcd23ed2e19b5217362764b46c1e1149abb30852bbba2077f86feedbab5f
Score

8^/10

persistence
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral5
- Target
  
  SpotX-Win-main/scripts/Install_Basic.bat
- Size
  
  481B
- MD5
  
  4d2ee5ccf5bb96c40a93bc4b319a0bfd
- SHA1
  
  77c227f6f7bbab299ca5715944fe3a2b956b619e
- SHA256
  
  d0a556048b951afbdf89cef96a75cae184c9cf2817a26530c431015b66cd7799
- SHA512
  
  520142fcafe5290bc81da6d499fbdfc74a7a51db61c8726844bc1e81d110da855e22643334f577bd8be9630e9a129f2a496df356ac27d5c230031a7c4c42e954
Score

8^/10

persistence
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral6
- Target
  
  SpotX-Win-main/scripts/Install_Prem.bat
- Size
  
  344B
- MD5
  
  5a0d3925e5f46057518a1b394433e89f
- SHA1
  
  0406bec362e0ecdfb09fcba6b71d1452ab6ca677
- SHA256
  
  3846cab3e9fbeb2b69643772f2042e895a40a5b4cbe99aed13131c3d70ba483b
- SHA512
  
  e17e43b72a2f9e31b4fdcf075cd6390f50cea214d4c3a1d575333778d8f685ef3dedd8aba75364bb39176d2cbdf2495e79c1646260d732ec7d30271de9109698
Score

8^/10
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
behavioral7
- Target
  
  SpotX-Win-main/scripts/cache/cache_spotify.ps1
- Size
  
  1KB
- MD5
  
  e3ccbfcb30069948da99cedc58d18ff8
- SHA1
  
  0fc8bd2032376821e1920d617d85d97f5d17a15f
- SHA256
  
  d81c891f81cc03d62ad6472804d93020f4c9a77784c81ac6b678d346d2518d1f
- SHA512
  
  b0608468199035813fb9b596a40a45a3f5fad9609bfe1d5f5728bacea633360d853da7264a32b75bdabdc0c48cd09d998f71af710cb22620e748fecbdaa6fed5
Score

1^/10
behavioral8
- Target
  
  SpotX-Win-main/scripts/cache/cache_spotify_ru.ps1
- Size
  
  2KB
- MD5
  
  622a75c740377ff2cda94e9fd4a43eea
- SHA1
  
  455722dac9b65bc4146e1b7c8ed5afea61054186
- SHA256
  
  a703f22c53d8d53280eb3a15c78f80781b586e74ffd811a44e99f94f59b1fff2
- SHA512
  
  93381c64d8e39db0dfc33f57c86c0c4ca25f9803608180a799ae036d37437b6be06531888a2050393f75952b411a7d2d78e54fe7559d3081c2edd123c729492b
Score

1^/10
behavioral9
- Target
  
  SpotX-Win-main/scripts/cache/hide_window.vbs
- Size
  
  140B
- MD5
  
  ed0a06e0e24e1f94e608bca03eb5eef2
- SHA1
  
  f079d2a3d6b0ef0657e6dfeb8c278ec5bfc1ca20
- SHA256
  
  1a817aa66979c8100608692bc29722fc97e1955460614a7263fe24e1ecdb71b2
- SHA512
  
  cf78e0053c240541e02cbccd51f5414cd0ba2e884c7c0693fface365ebc46e382b1eef3a4f74f53c983a3055252cd7273f95159e959bfa6b0e64bb5e5dba187c
Score

3^/10
behavioral10
- Target
  
  SpotX-Win-main/scripts/cache/run_ps.bat
- Size
  
  154B
- MD5
  
  f951690de39de946d6fc21f8f2ad967a
- SHA1
  
  ec4fff9088ac01bef6aba452550afc1e054f7023
- SHA256
  
  d37d21a54f78a7cd1c297109fc51c1f186073daf24bd3b90d623112de8f10c7f
- SHA512
  
  ed0a3871eb7da077d5b57c42ec8d5251b912e1ef808ec54fa32736547ff675ae7d9cc02e00f9521c7b639b861d80b0594b5b15c60cce4cc41f56bdfcb72e14cb
Score

3^/10
behavioral11
- Target
  
  SpotX-Win-main/scripts/installer-lang/de.ps1
- Size
  
  4KB
- MD5
  
  211b02768d0cc969bbcb763898aba7b4
- SHA1
  
  b6e205528eb8f8074da08442ab44514cd49b267c
- SHA256
  
  db86b3fce3cef6cbfd9bd0be1e5a4413cfccbb4753dc81b430d1725d42e72e8f
- SHA512
  
  c068a049bbd7b674e6fa18ff2687a818b429c4c55c3595320cd10acdb8ac3f8d73bc9ec06f03fb87dfc999d85d8897ca68b4a0da7354b6efeac0737f0cee7b36
- SSDEEP
  
  48:h+WelY9/PpdRoCNSTFSuZQi3SuGHr1rQGYwct7NZf/V9vqARhiHmKvcGGC5S6Oi4:hc0KyMZ9YZeZLvlTm0Gz5zcAEHxVqu1r
Score

1^/10
behavioral12
- Target
  
  SpotX-Win-main/scripts/installer-lang/en.ps1
- Size
  
  3KB
- MD5
  
  fff1e4ba65fb85cd5d35a6c366838e69
- SHA1
  
  ea82c71dd08e8a27971ff53b167e5ee7392543a4
- SHA256
  
  d53cbf2cf414f5fcf401d08592640e6f73a81025a0b2bf257be3c4820ac09926
- SHA512
  
  d7ea72708d55e67a038be7cc26b344899484254a5b05457891aa46ee3e71bf36e720bab5d569a85d602ef2fd9d580c91eee1f91a80e99bb74b466201cc2e5e10
Score

1^/10
behavioral13
- Target
  
  SpotX-Win-main/scripts/installer-lang/es.ps1
- Size
  
  4KB
- MD5
  
  dbf220b87c782eeb48dd19b3b8db7d10
- SHA1
  
  894e7d52ad692f00f8256f1503404fa1e4ffe534
- SHA256
  
  6bd06ad1e47606ff3cf3402ff2a6326e190270e690022de6c14291b010175ce5
- SHA512
  
  38e2d41c238e5cc59f7ad46f9dc2f2e48075b25368f1b64a6f71715c20dacf4b22016e1029bb77692b6f4966eee3c106fab89425e5ca08e344364192fcac3be7
- SSDEEP
  
  96:V30ypMfo38ePWIlMe8nsFx7XxPn2J/Z+0lqsyE6EteJRq753:V9psececsFtCZ+0b6jRq79
Score

1^/10
behavioral14
- Target
  
  SpotX-Win-main/scripts/installer-lang/fa.ps1
- Size
  
  5KB
- MD5
  
  2e7582533b6376461f2f247268ee03b9
- SHA1
  
  42c29047c17464ff3d8feac177e6c3805e7e3420
- SHA256
  
  5810bf61150cff4e720e486cb551d90aecb144352d00220ffcb7f10ae1ab13a5
- SHA512
  
  b8a687fdac71dee9245afe15d34dbb0b4399ccc5eca65039966a1d888b1f15e2fd7ee9c8abe7030d981e4336755e124f7307f4d127b0a903222e8c9cc1d03797
- SSDEEP
  
  96:tQgIVvIRIXerkOP7sdLfbrb55UA7nTKe2HVvMrE2rSB5kNq2ZecdX7U:a1qJ7oPn7QMF05kLvLU
Score

1^/10
behavioral15
- Target
  
  SpotX-Win-main/scripts/installer-lang/fr.ps1
- Size
  
  4KB
- MD5
  
  82c9b2808b168d7eb7dcf76d8091081d
- SHA1
  
  643339634528956d4af42cb92a857679af07ced5
- SHA256
  
  5faada67915f565288e5e5eb33b0b051ac26097ab53995a7db7a44dbd4f1d58a
- SHA512
  
  eb45e05462b801c045a00bd41d9300b26230c8102777b36dfdb1117a8bcd9598f356c10eed8490fdc56444656ee5652b29e4b9d41f7b375fad3d22c12831c550
- SSDEEP
  
  96:hPG/ytOco2BootyB6xaQ3RRxhPmJX/T/ru8AMvcF9JCJ:9iRYeIa757TAzCJ
Score

1^/10
behavioral16
- Target
  
  SpotX-Win-main/scripts/installer-lang/hi.ps1
- Size
  
  7KB
- MD5
  
  d7a6bbb0b829eabbb20988a3ce65dc22
- SHA1
  
  88e45a7a02c64d9d0978234cc6d35fc9a360ecca
- SHA256
  
  c630c0630ed3a72c5df0e4be8f01d1b8fc3512995b5216730c8c0c9ae47ffea5
- SHA512
  
  bd6abce768bf4129c24bf7a0e6f0abe975c6988a86dcf542cde6a8488e1add150ed63923df0f4da6f570b146c67289abeddd5af30ccfa957e0db66062108999f
- SSDEEP
  
  96:iCW80Euih/CyzeO0EIAReSb+/75VTOMjseZoKgA/RAdjz8FAdObvoaI05ra30j70:DqdnzzrpW9CngwM9vwTqLGTlajdm23P
Score

1^/10
behavioral17
- Target
  
  SpotX-Win-main/scripts/installer-lang/hu.ps1
- Size
  
  4KB
- MD5
  
  1f9d9df92b44b54549b9325b7476780b
- SHA1
  
  62cbfef671713d1a49f3386850f43fb8b43b954f
- SHA256
  
  c2ca0a174eb820c247b5c9ccfecaaa5f083700c32afcd8b67fe495bbc8fcb76f
- SHA512
  
  e4583e52deaa1257c7e904645f86c4637da1708e3650f4649eb571a102eb12b46dfa7490cbb6ceed287dab4ff7ce5a87ef31383f3c3e65f5956378e14f42a582
- SSDEEP
  
  96:TANk//Qyni1B8P9xhRfKUBxz0IHMB4tPJYSO:3ABECMSIHk4YSO
Score

1^/10
behavioral18
- Target
  
  SpotX-Win-main/scripts/installer-lang/id.ps1
- Size
  
  3KB
- MD5
  
  018e568bb25c117fb38a33a9cd751b39
- SHA1
  
  8d032097acfe0256c44cb2f1fdc3331d368d46ee
- SHA256
  
  91c857bda308e8ff0cb89580bd332a36a09a13234490ba4f76152becc3f8f9c0
- SHA512
  
  26e8995706d3482e979d4be69db8b8d4eed8e9addf57c34a9c7d2222eba24cd0089a119ca21eb4ff687a8df578af28f0323c41543a0fe0ecffbacdc4ce50188e
Score

1^/10
behavioral19
- Target
  
  SpotX-Win-main/scripts/installer-lang/it.ps1
- Size
  
  4KB
- MD5
  
  1bca6405c95ffe30f04a451b7ebc2b1f
- SHA1
  
  3322cbf453b8b121ee9124e45ef9eec1ba19f291
- SHA256
  
  8c715466140fa4dcc032d2531053334f90815f95a13af424d9836212d997fbc9
- SHA512
  
  25de1d5f3f54acecdba8e3a574e802dda8690845cc63b82febc0d061a5a2ea306f654082580c49ef8ae3a4ced0a074d7d6379930b09372dda1838c627d5e56e1
- SSDEEP
  
  96:sEFbisdFEtvntvSxFs2kLKpfBu+NDjwVNSE9ggiqXf50/AIVMcmc8sMqJSHIc4:3NZdK1SxFs2NpfTNDjU0Kg8fK3cImIc4
Score

1^/10
behavioral20
- Target
  
  SpotX-Win-main/scripts/installer-lang/ka.ps1
- Size
  
  7KB
- MD5
  
  90bd5a72fcd06fab8acc4c936d073ead
- SHA1
  
  8a49629e46bdcefa6284933393cb7f4d7a221b16
- SHA256
  
  99215f0a3ee4b25b0406e1fc6aee4df73d3b2e77e5b5748dc040b33c497577c6
- SHA512
  
  e0e1a6685311d0cb5d576cbe73d99e93c83358ba8bc2aa27036bd4ab712856ebf4f79650576bb9df403513791494559b6ef74f4bd36f82088e7e6b782a424981
- SSDEEP
  
  192:KM0r0dO7KpkWMxACMLRZ4eRuoX913hE9W2/PWxwNVhr2fsj1Cn4w2BEr0Qabair9:KM0Ydnk0tK2B4WARajoMo
Score

1^/10
behavioral21
- Target
  
  SpotX-Win-main/scripts/installer-lang/ko.ps1
- Size
  
  4KB
- MD5
  
  2b217d0183f70f941a40f2e88ffbde0f
- SHA1
  
  921fc2debe5b86aba0f85a9f8d1526a93d4e9737
- SHA256
  
  056a48188315f6524f1c1bf59aa2e5fc79000a82933416c668f1fe9a0f6e4512
- SHA512
  
  25da6996e9c1d978bb71fbd72e86a81d0be5900a5336b5775245e7e6ae4f5037b8a865b570865044ed268d271d642657632afb9e85126b416818dec9f733c63c
- SSDEEP
  
  96:VYHsFdXjsajvOzy0QVpLPhs4NQ+AJjxlJzqNuxJq+tjEFWZU:GMDfmzy0QTPW3JpjBZFZU
Score

1^/10
behavioral22
- Target
  
  SpotX-Win-main/scripts/installer-lang/pl.ps1
- Size
  
  4KB
- MD5
  
  6914d2c8348783ddaa65f3439bb15f5e
- SHA1
  
  4171ac17565a57a932ff24aec26ec39ebeaa6a1f
- SHA256
  
  8eedfdade29e38b63e90dc91edfc0cdd8da648d23005a2983ad28f177626177f
- SHA512
  
  1089f8bcccf962aea64a559da6272b381a965a5ba6a2872bebed3dee7afda0c575b2f73e4be434aa072c666d030a46109e6be9565df68cfb08cda470768a1128
- SSDEEP
  
  96:h+Z49E3P1uCjHvqHv9szS+cVUqDFId0aSJIKR:W5HjHiHa3qiYFR
Score

1^/10
behavioral23
- Target
  
  SpotX-Win-main/scripts/installer-lang/pt.ps1
- Size
  
  4KB
- MD5
  
  053b619b71608ae45b1a62fceae31761
- SHA1
  
  b099c5cfd833ed63fb0cf8cb0daae878a955040b
- SHA256
  
  901d48da68682afeaeee4573267325b14f7b659c51ef4e9bd6a1fe04f13bd17a
- SHA512
  
  01c6dd2e55d3e3cd8fe24048be87569f57dfc591fb9ecbe803be306834ab6722a759f3324eb626702acee31bff0296760c287d52cb7859b208300b69f89c9a87
- SSDEEP
  
  96:/a70dotq1g5WO7idPOECTFN8ymWHtRJ7S6g5JE/lv:q0BRO78PjUT8KH+wlv
Score

1^/10
behavioral24
- Target
  
  SpotX-Win-main/scripts/installer-lang/ro.ps1
- Size
  
  4KB
- MD5
  
  3d8a0d9fbc7f14c83205d65104ec7b5f
- SHA1
  
  f86e80f7bed21299dec2fc293771ce474078579c
- SHA256
  
  3de0f48a2b2cca790c520c42315bb6c0b717b9883777beae06196771a7c502ca
- SHA512
  
  a084e8c2fd349f604d6086adc3026f9b3cec0fd13e376cf4fc82dc68302978d398e600aba8c33392c18ff9c2ddf2ef2113266a7679d91d146f1c2c9dacdc1343
- SSDEEP
  
  96:WoqGnDdO6XI6nSpM4FSz5j4gWVPiyqZn1JHCrNlLO:/Q7pvqtgVqyqpHC/S
Score

1^/10
behavioral25
- Target
  
  SpotX-Win-main/scripts/installer-lang/ru.ps1
- Size
  
  5KB
- MD5
  
  2c94d702c346c80f29c343882b607271
- SHA1
  
  3cc1142c3a55e544ad62e1035758090f64fd11a6
- SHA256
  
  70848f20ff029e84dfaea81cd76ffe6c13d477f7b17e866b929855ba6405c133
- SHA512
  
  dd3660ec25c365f221041a97e00bfd0889db56890a2ff16d52f12c55fa8737807c141d980540030609575bc847023e81b5a64b97602c6f5f912ed0350b96efd8
- SSDEEP
  
  96:mc8/i8+pO+0SVkXAOzdzA0y1XN60Mx6k5K8VM8Vt1uJQp1PJ1ge:r6+0SVkXNxA3dsK8VM8V0Je
Score

1^/10
behavioral26
- Target
  
  SpotX-Win-main/scripts/installer-lang/tr.ps1
- Size
  
  4KB
- MD5
  
  75a8b3cf11443f935eb4a1b6c98b8909
- SHA1
  
  ff8415cffc63475efc1fd8ba21b4fdda800e10bc
- SHA256
  
  0e10f2a2bae3a0fa9063a7cd83ec6ceaf1a1a5b7b1a59f31dac1f4a01636ab7d
- SHA512
  
  8640abe46b63c0f677c76aa90c15d1fac64c1a8e7a25b4751e59ebf3552c2523db2ec033b978ca44ff9f5ccbbc8701b9d658a32e7311fe8e6b0cdc71d8326274
- SSDEEP
  
  96:aWcdPOZwbdnVo9YD44DhWmfY8nZF24VodfCJnota2PK:Z8Vbw8nZF2IodYnIXy
Score

1^/10
behavioral27
- Target
  
  SpotX-Win-main/scripts/installer-lang/ua.ps1
- Size
  
  5KB
- MD5
  
  162355db44900a52445a982660e7cddb
- SHA1
  
  70a16d5ea46e4308484b09fa8c7900e2d75f1fdd
- SHA256
  
  d700b9f862b5dd31b3f6e23ab4a4e0b579e1385d8b00e5cb7fd586da8733d1b2
- SHA512
  
  74deba1fa869ee9e2eace22a45d51730c239a276f2fba244611e1522f696a92a257a94244b2d1dc124a3559840c83558f77f6e82e85807095a60db6d69afdda7
- SSDEEP
  
  96:C6yNHaAkRTwvCNDCiTi4NV+gA+ZZJLJuThTAmrcVZcVvOaKJGU3eP:4ZQ9ei3Rugfud7rcVZcVGfGZP
Score

1^/10
behavioral28
- Target
  
  SpotX-Win-main/scripts/installer-lang/vi.ps1
- Size
  
  4KB
- MD5
  
  a1b336aaa38c0f7141d031ca4c7bb8f2
- SHA1
  
  9ad442d0b4524171f8e348ea4c5cae6c3b41c2d2
- SHA256
  
  56feebe539cb38d2bfc3d35b832eca8062a55dcd7308416cb2ce4db937cf87ec
- SHA512
  
  b6238d959fd7cf7dbe16c087e9759c2aaee6bf7f43f1a8e7bb315be66bf2527b9cfff8e457a043d2ac56e8694965cd0a6bd9914fd7676391c14254b9584810c0
- SSDEEP
  
  96:7RM8wfTushuskHq/FtXDDvIIjncOULJEP6FKm3kIoCek2/aeZVzSoYJLqChBX:tMFHLkOVvz1uf0D/R1eLqChBX
Score

1^/10
behavioral29
- Target
  
  SpotX-Win-main/scripts/installer-lang/zh.ps1
- Size
  
  3KB
- MD5
  
  d463d1235815b6c9863bb22958f2ab57
- SHA1
  
  27608a2be46d4b83042815666f994d6ee61231ca
- SHA256
  
  34c8b7fcbd24376bbe9cbefe8db8664a79d7f95179abf7c83cf1c22a4e2fc1be
- SHA512
  
  47943b090060881b8ea6501f582dcc924a26927db2d5e0fb00c8c9035025b752a7dbf04521ca8247b91073829b3f82856aae649c8f9df1f169de006183c64062
Score

1^/10
behavioral30

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

T1060

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Web Service

T1102

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Blocklisted process makes network request

Downloads MZ/PE file

Executes dropped EXE

Loads dropped DLL

Legitimate hosting services abused for malware hosting/C2

Blocklisted process makes network request

Downloads MZ/PE file

Executes dropped EXE

Legitimate hosting services abused for malware hosting/C2

Blocklisted process makes network request

Downloads MZ/PE file

Executes dropped EXE

Checks computer location settings

Loads dropped DLL

Adds Run key to start application

Legitimate hosting services abused for malware hosting/C2

Blocklisted process makes network request

Downloads MZ/PE file

Executes dropped EXE

Checks computer location settings

Loads dropped DLL

Adds Run key to start application

Legitimate hosting services abused for malware hosting/C2

Blocklisted process makes network request

Downloads MZ/PE file

Executes dropped EXE

Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30