Resubmissions

23-01-2023 20:28

230123-y9hbyagh7z 10

23-01-2023 18:44

230123-xdq4jagc71 10

General

  • Target

    https://download-cdn.com/download.php?f=Ldrp.dll&from=AnyDeskSetup_26b30163.msi

  • Sample

    230123-y9hbyagh7z

Score
10/10

Targets

    • Target

      https://download-cdn.com/download.php?f=Ldrp.dll&from=AnyDeskSetup_26b30163.msi

    Score
    10/10
    • TA505

      Cybercrime group active since 2015, responsible for families like Dridex and Locky.

    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Unknown use of msiexec with remote resource
