a7170fb544444a648b318456146e9866fdb4fd92d25a88da154671ab72b8c273

Sharing

Copy URL

Twitter E-mail

General

Target

usbwebserver_v8.6.5.zip
Size

63.0MB
Sample

240223-jmkffseb27
MD5

44f027a6f1abf9e6e2b1ad29e5cd14c9
SHA1

b1f6a3fb007d6307694c61a32cd1a9425570a846
SHA256

a7170fb544444a648b318456146e9866fdb4fd92d25a88da154671ab72b8c273
SHA512

e47cebb19ed2ba023764d6d57092f0ab1bd806d5672330f3169c179dbb6d4a19f642035308b62df6ab2e63f91a46872f8db2b6a9dfe499177d492f0a11b9e4e9
SSDEEP

1572864:kxfFb6UMFV9EgRNdOUpwnhmgZRmqCbHMQ5DguO93vyZEq:0fFWf9EiDpWhmgZRGJguU6

Score

10^/10

Malware Config

Extracted

Language

ps1

Source

URLs

exe.dropper

https://reports.phpmyadmin.net/incidents/create

Extracted

Language

ps1

Source

URLs

exe.dropper

https://www.phpmyadmin.net/home_page/version.json

Targets

- Target
  
  usbwebserver_v8.6.5.zip
- Size
  
  63.0MB
- MD5
  
  44f027a6f1abf9e6e2b1ad29e5cd14c9
- SHA1
  
  b1f6a3fb007d6307694c61a32cd1a9425570a846
- SHA256
  
  a7170fb544444a648b318456146e9866fdb4fd92d25a88da154671ab72b8c273
- SHA512
  
  e47cebb19ed2ba023764d6d57092f0ab1bd806d5672330f3169c179dbb6d4a19f642035308b62df6ab2e63f91a46872f8db2b6a9dfe499177d492f0a11b9e4e9
- SSDEEP
  
  1572864:kxfFb6UMFV9EgRNdOUpwnhmgZRmqCbHMQ5DguO93vyZEq:0fFWf9EiDpWhmgZRGJguU6
Score

1^/10
behavioral1 behavioral2
- Target
  
  usbwebserver/apache2/bin/openssl.exe
- Size
  
  471KB
- MD5
  
  14e4b6efcefbcb17d70d59aa64a2be0f
- SHA1
  
  38edfd2097c0394fcc7861a87e267bb4972789b6
- SHA256
  
  92e821f829b5bb8daf4245b333f992966231293ccb68f7e424472498c7387dfd
- SHA512
  
  c2464b5dbb1236e484ac36e739b0ec7b66332db89fe0177d915d476df389df5a0a1e2d0aa1434d110eb6f7595945e7899480cac8b5f3ae1e93ec7a0acca03cc2
- SSDEEP
  
  12288:x56Tx52lAz05HCsoLXXkURkdNVkfw4s8nSdQNUsOM0XVBZwuROj2c2Y/noZiulcM:xQWnwBYrhp4yPI7aKm9
Score

1^/10
behavioral3 behavioral4
- Target
  
  usbwebserver/php/php-cgi.exe
- Size
  
  59KB
- MD5
  
  3f39e00f2f424fd8026ea2cc386f7cce
- SHA1
  
  6358f1897c56ee3064dfc049529cb1c593ebeaec
- SHA256
  
  11d90e1a630ea3046cf8640e8d4b7471e38d19f921d2d4cc854f29ac4bc0fbc4
- SHA512
  
  4ba43c8a3f9eadea1f579599e157a81cba534054f443ef28453bcb98afe1878ec6f3ca78ce0320ae20b2ad864a34f2ed4228deba103d631de4b3288997743296
- SSDEEP
  
  1536:MQ5Z3U0JwFNeKPnXlTy0W8YBk9dv84K5TU/dsu7C:MQ5Z33JAtPBxWdCjv84K5TU/dsu7C
Score

1^/10
behavioral5 behavioral6
- Target
  
  usbwebserver/php/php-win.exe
- Size
  
  33KB
- MD5
  
  a5177ef37aa81d88c1d440d8a46bca26
- SHA1
  
  4da4d72c575c2e8ae66d68e5e9a38ec885556d00
- SHA256
  
  65a5729a64314328409b06350a3983d532ff332668104a93a80f8ec76b8cdb27
- SHA512
  
  104a77969981ce92904fa0a5e4911511829d55526ed42e9b97ee43b896ae68c40218ea68688187070140a7bf63888e2a6aa5f866597b34869cae569230a7491b
- SSDEEP
  
  768:8zDtSZ06KqOpIW4ufJeOm4j9vrTB0nINpNN:8PIZ06bzufzHjxTQINpNN
Score

1^/10
behavioral7 behavioral8
- Target
  
  usbwebserver/php/php.exe
- Size
  
  116KB
- MD5
  
  63ebfd1417e271c2071ab2059cca44b1
- SHA1
  
  889157e1955ca272c3ec31a2620d47d82a78afa3
- SHA256
  
  9ebe2a6aa7aaf37c57c98e783a310c7cfe535b14d1940e900f453f35175cd6b6
- SHA512
  
  1e0d2b1490d725b693448f8aadf9ea2e8e53c4793a43b9efddf6cf589e87e6eb50683f0b3982ba6b6a1a652e9eddc3042e28750d02ed1d9fe058c930c1ab7a0d
- SSDEEP
  
  1536:CO6I8JF4O4CbVXxri7l5RFKMD4n4ykOVd9/4zK4EzKLLyc2ycqOLDEp:3iJFUCbFFQdc4keLynycqOHE
Score

1^/10
behavioral10 behavioral9
- Target
  
  usbwebserver/php/php.ini
- Size
  
  71KB
- MD5
  
  44e04e7a93e31dd44251b01f09e11842
- SHA1
  
  426ffce3aa89a1ad1126ca97ae6819960d5f91b7
- SHA256
  
  5e196f6956ea5496c6b998281a5380487fe59460643efb1400c84ff62e3ca479
- SHA512
  
  73af7191ac1bdb41d8e532b3d7495acb00a4a39911e18b39b9f6f6dfd3842bbf1134efff06f43d55d3732640f447d1dd5f3d576709ca929a07881d963c815cb8
- SSDEEP
  
  1536:I5+iKcGNQGrNRVD4ktxYGwJ0wXSW+eahRD:IEiKp/NR5JxYGgbahRD
Score

1^/10
behavioral11 behavioral12
- Target
  
  usbwebserver/php/php.ini-development
- Size
  
  72KB
- MD5
  
  3140563095bc9cef8b7061edcce0637b
- SHA1
  
  78be22a9096a8b47584905aed783f831affe1c16
- SHA256
  
  0ae323833232e58956d502b73f2d9879fbc0325617d9da96245b713f31cf3de4
- SHA512
  
  6f455f36f5ec607dd161c8c8ceb7b7892c1bc222ae21900ab8b5de6794e3bc56b2cd9b5ba369d2e7b5fd5da23575296e22ab980c5d8c568e416315c5cecfde09
- SSDEEP
  
  1536:AwdwKfjNWOnkBhVCJiwOYmLr1iFfXLahU0:AmwKxgBhQdOYSwahU0
Score

3^/10
behavioral13 behavioral14
- Target
  
  usbwebserver/root/index.php
- Size
  
  1KB
- MD5
  
  2030e82d13c2e54590e86eecaf0ea82a
- SHA1
  
  924c48cf5624b2c0a34b9ffac880ff17eebf4572
- SHA256
  
  35d8c2f40a41257217039aa9ff6e70364a05da136cb8e4265aeaab41686addbe
- SHA512
  
  e90bb4051b7e8eb8e9e65321f344e6b604f88729f4e197fdfd4f754d71a38c7de2a9f78a09ef869712e630bc674f5a97b24b6f6ed78a798f0af16fd87add51d5
Score

1^/10
behavioral15 behavioral16
- Target
  
  usbwebserver/usbwebserver.exe
- Size
  
  688KB
- MD5
  
  64e369f7714b08d58f23004617d73348
- SHA1
  
  c206a573eb1110df6df08f5e49724e76d6795fdb
- SHA256
  
  45d53d2c2c1cb5b736b4d3f009a127344ff0e83ba81f4fffbd82aa4a01abaebe
- SHA512
  
  193b209bae4b5a0bed43bc3632f12d5db787476e34ad901a0a95517ac88c10109a2e1ae3a58ea9edb50edc865691c7cc827917fc7596ee4ab1a2234d4702032c
- SSDEEP
  
  6144:/p1hfNj2EVQoDcOxCI+NaAZZ5ktdWN75qDHQUO1XLc:h1f2E2w/x6NZ1ktdWT4HQj1
Score

3^/10
behavioral17 behavioral18

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18