General

  • Target

    2023-04-25_c21d96eb8a9e9ecad75a400108c697cc_alina_aspxspy_cerber_cobalt-strike_darkcomet_derusbi_dridex_inception_jrat_lazagne_lockbit_mirage_nautilus_neuron_plugx_redleaves_remcos_rurktar_sliver_th3bug_utkonos_wannacry_webshell-shell_winnti_yayih

  • Size

    5.0MB

  • Sample

    230426-efdxwagg8v

  • MD5

    c21d96eb8a9e9ecad75a400108c697cc

  • SHA1

    5072be679c8d9865fcb965a25d10988493cc2e33

  • SHA256

    56a2b327c8405acce397302e6af14dc34a561627056f1ff4d88adbdd8f64a232

  • SHA512

    c9fa9a61749af46e29cd64bed197639fb11eda7424fd8f1b621c7bc60ac16f31cc55976bc0a907ab867e37845007c0a30b10c89cccd68fd731b3c588bff20f07

  • SSDEEP

    49152:9Gbf5gfKJu0zf4R+oUN+edPTPR5Y0Pf/deh/1XwshSLGI/trdxblHK:KFlRm01+j0BA

Malware Config

Targets

    • Target

      2023-04-25_c21d96eb8a9e9ecad75a400108c697cc_alina_aspxspy_cerber_cobalt-strike_darkcomet_derusbi_dridex_inception_jrat_lazagne_lockbit_mirage_nautilus_neuron_plugx_redleaves_remcos_rurktar_sliver_th3bug_utkonos_wannacry_webshell-shell_winnti_yayih

    • Size

      5.0MB

    • MD5

      c21d96eb8a9e9ecad75a400108c697cc

    • SHA1

      5072be679c8d9865fcb965a25d10988493cc2e33

    • SHA256

      56a2b327c8405acce397302e6af14dc34a561627056f1ff4d88adbdd8f64a232

    • SHA512

      c9fa9a61749af46e29cd64bed197639fb11eda7424fd8f1b621c7bc60ac16f31cc55976bc0a907ab867e37845007c0a30b10c89cccd68fd731b3c588bff20f07

    • SSDEEP

      49152:9Gbf5gfKJu0zf4R+oUN+edPTPR5Y0Pf/deh/1XwshSLGI/trdxblHK:KFlRm01+j0BA

    • Matiex

      Matiex is a keylogger and infostealer first seen in July 2020.

    • Matiex Main payload

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Snake Keylogger

      Keylogger and Infostealer first seen in November 2020.

    • Snake Keylogger payload

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

MITRE ATT&CK Matrix

Tasks