hxxps://github[.]com/BootModulex/PwnBox/blob/main/PwnBox[.]exe | Triage

Submit
Reports

Overview

overview

8

Static

static

1

URLScan

urlscan

https://github.com/B...

windows7-x64

8

https://github.com/B...

windows10-2004-x64

8

Sharing

General

Target

https://github.com/BootModulex/PwnBox/blob/main/PwnBox.exe
Sample

230222-l91gasag59

Score

8^/10

agilenet

Static task

static1

URLScan task

urlscan1

Behavioral task

behavioral1

Sample

https://github.com/BootModulex/PwnBox/blob/main/PwnBox.exe

Resource

win7-20230220-en

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

https://github.com/BootModulex/PwnBox/blob/main/PwnBox.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  https://github.com/BootModulex/PwnBox/blob/main/PwnBox.exe
Score

8^/10

agilenet
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Obfuscated with Agile.Net obfuscator
  Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
  agilenet
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Tasks

static1

urlscan1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy