ardamax | 56a2b327c8405acce397302e6af14dc34a561627056f1ff4d88adbdd8f64a232 | Triage

Submit
Reports

Overview

overview

Static

static

2023-04-25...ri.exe

windows7-x64

2023-04-25...ri.exe

windows10-2004-x64

Sharing

General

Target

2023-04-25_c21d96eb8a9e9ecad75a400108c697cc_alina_aspxspy_cerber_cobalt-strike_darkcomet_derusbi_dridex_inception_jrat_lazagne_lockbit_mirage_nautilus_neuron_plugx_redleaves_remcos_rurktar_sliver_th3bug_utkonos_wannacry_webshell-shell_winnti_yayih
Size

5.0MB
Sample

230426-efdxwagg8v
MD5

c21d96eb8a9e9ecad75a400108c697cc
SHA1

5072be679c8d9865fcb965a25d10988493cc2e33
SHA256

56a2b327c8405acce397302e6af14dc34a561627056f1ff4d88adbdd8f64a232
SHA512

c9fa9a61749af46e29cd64bed197639fb11eda7424fd8f1b621c7bc60ac16f31cc55976bc0a907ab867e37845007c0a30b10c89cccd68fd731b3c588bff20f07
SSDEEP

49152:9Gbf5gfKJu0zf4R+oUN+edPTPR5Y0Pf/deh/1XwshSLGI/trdxblHK:KFlRm01+j0BA

Score

10^/10

ardamax matiex metasploit snakekeylogger xmrig backdoor keylogger link miner pdf stealer trojan

Static task

static1

miner pdf link matiex snakekeylogger xmrig ardamax metasploit

11 signatures

Behavioral task

behavioral1

Sample

2023-04-25_c21d96eb8a9e9ecad75a400108c697cc_alina_aspxspy_cerber_cobalt-strike_darkcomet_derusbi_dri.exe

Resource

win7-20230220-en

matiex metasploit snakekeylogger xmrig backdoor keylogger miner stealer trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

2023-04-25_c21d96eb8a9e9ecad75a400108c697cc_alina_aspxspy_cerber_cobalt-strike_darkcomet_derusbi_dri.exe

Resource

win10v2004-20230220-en

matiex metasploit snakekeylogger xmrig backdoor keylogger miner stealer trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  2023-04-25_c21d96eb8a9e9ecad75a400108c697cc_alina_aspxspy_cerber_cobalt-strike_darkcomet_derusbi_dridex_inception_jrat_lazagne_lockbit_mirage_nautilus_neuron_plugx_redleaves_remcos_rurktar_sliver_th3bug_utkonos_wannacry_webshell-shell_winnti_yayih
- Size
  
  5.0MB
- MD5
  
  c21d96eb8a9e9ecad75a400108c697cc
- SHA1
  
  5072be679c8d9865fcb965a25d10988493cc2e33
- SHA256
  
  56a2b327c8405acce397302e6af14dc34a561627056f1ff4d88adbdd8f64a232
- SHA512
  
  c9fa9a61749af46e29cd64bed197639fb11eda7424fd8f1b621c7bc60ac16f31cc55976bc0a907ab867e37845007c0a30b10c89cccd68fd731b3c588bff20f07
- SSDEEP
  
  49152:9Gbf5gfKJu0zf4R+oUN+edPTPR5Y0Pf/deh/1XwshSLGI/trdxblHK:KFlRm01+j0BA
Score

10^/10

matiex metasploit snakekeylogger xmrig backdoor keylogger miner stealer trojan
- Matiex
  Matiex is a keylogger and infostealer first seen in July 2020.
  stealer keylogger matiex
- Matiex Main payload
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger payload
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

minerpdflinkmatiexsnakekeyloggerxmrigardamaxmetasploit

behavioral1

matiexmetasploitsnakekeyloggerxmrigbackdoorkeyloggerminerstealertrojan

behavioral2

matiexmetasploitsnakekeyloggerxmrigbackdoorkeyloggerminerstealertrojan

© 2018-2024

Terms | Privacy