hxxps://github[.]com/pankoza-pl/malwaredatabase | Triage

Submit
Reports

Overview

overview

8

Static

static

URLScan

urlscan

https://github.com/p...

windows7-x64

8

https://github.com/p...

windows10-2004-x64

8

Sharing

General

Target

https://github.com/pankoza-pl/malwaredatabase
Sample

230105-w3j6vacg53

Score

8^/10

bootkit discovery evasion exploit persistence upx

Static task

static1

URLScan task

urlscan1

Behavioral task

behavioral1

Sample

https://github.com/pankoza-pl/malwaredatabase

Resource

win7-20221111-en

windows7-x64

7 signatures

1800 seconds

Behavioral task

behavioral2

Sample

https://github.com/pankoza-pl/malwaredatabase

Resource

win10v2004-20220812-en

bootkit discovery evasion exploit persistence upx

windows10-2004-x64

22 signatures

1800 seconds

Malware Config

Targets

- Target
  
  https://github.com/pankoza-pl/malwaredatabase
Score

8^/10

bootkit discovery evasion exploit persistence upx
- Disables Task Manager via registry modification
  evasion
- Executes dropped EXE
- Possible privilege escalation attempt
  exploit
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Modifies file permissions
  discovery
- Legitimate hosting services abused for malware hosting/C2
- Modifies boot configuration data using bcdedit
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

File Permissions Modification

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Tasks

static1

urlscan1

behavioral1

behavioral2

bootkitdiscoveryevasionexploitpersistenceupx

© 2018-2024

Terms | Privacy