General

  • Target

    https://ww7.zeroupload.xyz/60ed0ffc3ef2d7171cdefdb6b7d6bc8c/LightroomClassic13.1_DownloadPirate.com.rar?download_token=698c30d2bdc432ffe5e1464626945b372976a5269ae8c6ba3e54853bfcf63955

  • Sample

    240222-2hp49afh8x

Score
8/10

Malware Config

Targets

    • Target

      https://ww7.zeroupload.xyz/60ed0ffc3ef2d7171cdefdb6b7d6bc8c/LightroomClassic13.1_DownloadPirate.com.rar?download_token=698c30d2bdc432ffe5e1464626945b372976a5269ae8c6ba3e54853bfcf63955

    Score
    8/10
    • Blocklisted process makes network request

    • Modifies Windows Firewall

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks