57931fe5791d52b1184d2413e59f48c3d14677af10c6130d29bee7a7b8cfca7a

Sharing

Copy URL

Twitter E-mail

General

Target

BlockTheSpot-master.zip
Size

938KB
Sample

231012-nnl3wsfg41
MD5

2489b67f5f467e267f20fd8f874ab949
SHA1

7b59f2f5acac6dd2416dd5f6663ebb1b211f15c7
SHA256

57931fe5791d52b1184d2413e59f48c3d14677af10c6130d29bee7a7b8cfca7a
SHA512

da2e39c98c67e18a531bbcc6a961a2b3fce22d547d1e6f6801d7fcea0304a0aeaeef7708d51a302f2e7f1d932ac4c9ca5cba78452f607b13cf8bf167cff4cab0
SSDEEP

24576:z2khyFWzUEkGm7URKSqqlc7sQnzAG529V4bJlgvoRD5PY4F:nyFoLOac7s022p5h

Score

8^/10

Malware Config

Targets

- Target
  
  BlockTheSpot-master/BlockTheSpot.bat
- Size
  
  265B
- MD5
  
  d2a6bb7593c8c2c054a65c6d2167197a
- SHA1
  
  721bc41054dfbdac908e11881e5c1885002a8183
- SHA256
  
  8b78d1071a5c9add21685f9607f42010ef8c04fd4a789a45fe8678fde6ab1d24
- SHA512
  
  48fbc3ef45ec6b1fe3fd6a6d832739308bcf84c4bd7fa83b7295e054a29dda15cc0b70d93ef43906c3c9fb4194e66eab02eb8863d2a1a5646c18d7b3a52984ca
Score

8^/10
- Blocklisted process makes network request
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2
- Target
  
  BlockTheSpot-master/README.md
- Size
  
  2KB
- MD5
  
  6638310b9da3dcf44d3ff75b979c7cd3
- SHA1
  
  8817e3ca2246c29308fbd7ee018cf59bcecd2c7e
- SHA256
  
  67c5b4e152002768952e0b94b2835eeb7a6798137f4d932aea25dcc1a4e2fdb2
- SHA512
  
  fcad92d9df84c0e3e8d57cc7194d7f5cb9eda4738393f6ce3da9f344418aa21a299bf6286fc524429ec3d684a5811715a2e28adbf9ea3406ea44d242a8b4a470
Score

1^/10
behavioral3 behavioral4
- Target
  
  BlockTheSpot-master/install.ps1
- Size
  
  9KB
- MD5
  
  f52fdfd9293707a3aaae7425cf0feb53
- SHA1
  
  2deab7c0c3529454fe9987f3085a84d329c73b62
- SHA256
  
  17683dc2f6e165eb893124a4f2091aec5271d2843979d0c00d2340ca0e7e1211
- SHA512
  
  00e54be7bf7896b447322555f18567c7301ae38ddec26e5923c55e4b2eb35a0fa343ef1da75e930e1a68cd140dd84e6412d4140209c376b5032bb69976bb926b
- SSDEEP
  
  192:gl0/4aNtltM239I6Bjk9t9radrSzOFKN87jkOf4TpU2ipGegnJuq+vih:gK/4aNtltM239I6BsOtwOFPTQTpcpJ4r
Score

1^/10
behavioral5 behavioral6
- Target
  
  BlockTheSpot-master/src/BasicUtils/Console.h
- Size
  
  5KB
- MD5
  
  8eb8c3440842744b23c0a9e310a0f710
- SHA1
  
  a951bb2ed61007b81bc85af20d6791daa235e040
- SHA256
  
  1ad0355af1483b823260cd772e440ca297c4380133c13aa1088fd9f04b5ca011
- SHA512
  
  3150d342613d9fc14ccf99a85211135217b3d56cf3d9e4fb5e9752a6b2b482733419dd9ae31b045d4f3036305434eac80e3f05cbe584cc430973169bc034d921
- SSDEEP
  
  96:oJcazmlfaY+wmfztzA+AmPwzHzinZ1n4g4fxSg5mPHznztV14IxntP:oJcazifswiztz7AmIzHzcFC5mPznzLdX
Score

1^/10
behavioral7 behavioral8
- Target
  
  BlockTheSpot-master/src/BasicUtils/Utils.h
- Size
  
  3KB
- MD5
  
  0c7911acb01769a2872169c99b68ca97
- SHA1
  
  21dc41fe8ab356189af20df1e1a85db96ad35092
- SHA256
  
  46a6461b590f079d6aad4deb3d338a2d4dc78cd518b48b046715bc2384ca6da2
- SHA512
  
  4554956060ab66d25e56d595b04c27d60b482966e7effe7b4eb0c3adf8e8971e43f8d23b2bc346b27bb57c85002fbe8099f3cde7c7c833be607a5b724f45907e
Score

1^/10
behavioral10 behavioral9
- Target
  
  BlockTheSpot-master/src/Debug.cpp
- Size
  
  2KB
- MD5
  
  a5cb5475c127a015dbada6925200cc5e
- SHA1
  
  ea8b76c88410ebbbdc04a7f145c2054033727a30
- SHA256
  
  f09d266177f1b93907f036dc101a7432c2f42376818b9bf77c048d47a22270cb
- SHA512
  
  579f30802c2aa73b01f081c01e025a2eb6703022aa4046aff0e85191b08198760cc65dac792aaa3cafc3131aa3f0fa969c77449849dd814e9d042553c4134a5e
Score

1^/10
behavioral11 behavioral12
- Target
  
  BlockTheSpot-master/src/Modify.cpp
- Size
  
  13KB
- MD5
  
  a3656364c3ede13b78ee489d39e56273
- SHA1
  
  25548d5a9328ab20143804c0e027529834a89168
- SHA256
  
  d236a817bb29f3bb58c2840256589b56c49eecca14a49ff8fe9cf7196d07d28b
- SHA512
  
  e61683ba627ef123359e3906e02c56e976c107c8af919b20781c2ece09e5db56f1ccc6b35ade67a8bb7f5fe13b949ffe07e35af6ff548814c73ad98aa8606b44
- SSDEEP
  
  192:7D6Du/ggXW4wLC/luDgKeEH8P7A+iP7vNx:SDBJDgKt8TA+cX
Score

1^/10
behavioral13 behavioral14
- Target
  
  BlockTheSpot-master/src/dllmain.cpp
- Size
  
  2KB
- MD5
  
  b554f7f22e52ab7ecf4e8484a059e898
- SHA1
  
  718a4c923b9d7fba4d761dbe079b3436884a4c1e
- SHA256
  
  d35137f0176e538c57c908e39ab4abc07dfc343f064fe93a87660b9d34f7086c
- SHA512
  
  599cf825cd4733b45127873fd5c01e2aba59e0cad896a374e517109db3cb4be7023507fb1e663f056a90ecc34460a029eeff9d8ef08ccfc2fb499578727743f0
Score

1^/10
behavioral15 behavioral16
- Target
  
  BlockTheSpot-master/uninstall.bat
- Size
  
  235B
- MD5
  
  c44f13bb1f4571aaa3dc467d867c9fb7
- SHA1
  
  e74cc8dd4df976152a5e9a7342efdadb9e807934
- SHA256
  
  37832226859ff706c657b5e270366b46a45482ce947614c4f0627d94106c89ec
- SHA512
  
  32941f1cf94a08fb1428b72c26c365d26b2388b46b54a1e7d4cf998386bfac46332056f08eee02c2f1ec581461ba5d483df641f568683a12ce52249b58d9e223
Score

1^/10
behavioral17 behavioral18

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Blocklisted process makes network request

Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18