ardamax | 91caa1fe289cdd8500399b3dcb07a5417223126a8cfd6833ece052acaaeb27f7 | Triage

Submit
Reports

Overview

overview

Static

static

2023041949...ne.exe

windows7-x64

2023041949...ne.exe

windows10-2004-x64

Resubmissions

12-06-2023 09:02

230612-kzv86abg4t 10

06-05-2023 23:59

230506-31vm5aad49 10

Sharing

General

Target

20230419492af928bf7209037aab62c05b82a75aalinaaspxspycerberdarkcometderusbidridexinceptionjratlazagnelockbitmiragenautilusneuronplugxredleavesrurktarsliverth3bugutkonoswannacrywebshellshellwinntiyayih.exe
Size

5.0MB
Sample

230506-31vm5aad49
MD5

492af928bf7209037aab62c05b82a75a
SHA1

c24a6f7736e125620abed012b4545ddeeac0675e
SHA256

91caa1fe289cdd8500399b3dcb07a5417223126a8cfd6833ece052acaaeb27f7
SHA512

0fbacf27a474203fe2c29e5c62b5c3d86803901a69e5ce538f9c2e09e42a0f7e4faff39eb0ae76a58a53412d49ae31ba86123fb28f28f1912ea54aa372cd48af
SSDEEP

49152:3Gbf5gfKJu0zf4R+oUN+edPTPR5Y0Pf/deh/1XwshSLGI/trdxblHK:cFlRm01+j0BA

Score

10^/10

ardamax matiex metasploit snakekeylogger xmrig backdoor keylogger link miner pdf stealer trojan

Static task

static1

miner pdf link matiex snakekeylogger xmrig ardamax metasploit

11 signatures

Behavioral task

behavioral1

Sample

20230419492af928bf7209037aab62c05b82a75aalinaaspxspycerberdarkcometderusbidridexinceptionjratlazagne.exe

Resource

win7-20230220-en

matiex metasploit snakekeylogger xmrig backdoor keylogger miner stealer trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

20230419492af928bf7209037aab62c05b82a75aalinaaspxspycerberdarkcometderusbidridexinceptionjratlazagne.exe

Resource

win10v2004-20230220-en

matiex metasploit snakekeylogger xmrig backdoor keylogger miner stealer trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  20230419492af928bf7209037aab62c05b82a75aalinaaspxspycerberdarkcometderusbidridexinceptionjratlazagnelockbitmiragenautilusneuronplugxredleavesrurktarsliverth3bugutkonoswannacrywebshellshellwinntiyayih.exe
- Size
  
  5.0MB
- MD5
  
  492af928bf7209037aab62c05b82a75a
- SHA1
  
  c24a6f7736e125620abed012b4545ddeeac0675e
- SHA256
  
  91caa1fe289cdd8500399b3dcb07a5417223126a8cfd6833ece052acaaeb27f7
- SHA512
  
  0fbacf27a474203fe2c29e5c62b5c3d86803901a69e5ce538f9c2e09e42a0f7e4faff39eb0ae76a58a53412d49ae31ba86123fb28f28f1912ea54aa372cd48af
- SSDEEP
  
  49152:3Gbf5gfKJu0zf4R+oUN+edPTPR5Y0Pf/deh/1XwshSLGI/trdxblHK:cFlRm01+j0BA
Score

10^/10

matiex metasploit snakekeylogger xmrig backdoor keylogger miner stealer trojan
- Matiex
  Matiex is a keylogger and infostealer first seen in July 2020.
  stealer keylogger matiex
- Matiex Main payload
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Snake Keylogger
  Keylogger and Infostealer first seen in November 2020.
  stealer keylogger snakekeylogger
- Snake Keylogger payload
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

minerpdflinkmatiexsnakekeyloggerxmrigardamaxmetasploit

behavioral1

matiexmetasploitsnakekeyloggerxmrigbackdoorkeyloggerminerstealertrojan

behavioral2

matiexmetasploitsnakekeyloggerxmrigbackdoorkeyloggerminerstealertrojan

© 2018-2024

Terms | Privacy