General

  • Target

    forvmbo4.exe

  • Size

    93KB

  • Sample

    230817-txgsesag38

  • MD5

    228139068662ee8975ba11cc358f6d6f

  • SHA1

    2e670edf9c635759ccaa452c6d062fe5f46840c6

  • SHA256

    aab153adf3826be713a143df8f8da8ec586f2dd327758718b18b8cf6d824cdc8

  • SHA512

    7950d9065867551bb0a8a4d250c1f3900a8574620b8654dea2638c4244d44189509548d432a901e99f0b10e40fd6b6623d78053c199a93a18ff28ddbbbc6caea

  • SSDEEP

    1536:/7fbN3eEDhDPA/pICdUkbBtW7upvaLU0bI5taxKo0IOlnToIf7wcDaAO5:z7DhdC6kzWypvaQ0FxyNTBf79DQ

Score
9/10

Targets

    • Target

      forvmbo4.exe

    Score
    9/10
    • Contacts a large (8068) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Legitimate hosting services abused for malware hosting/C2
