Overview

overview

10

Static

static

3

db4a99a222...82.exe

windows7-x64

10

db4a99a222...82.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    db4a99a2222cd4ff1e38cb7a167e6782

  • Size

    200KB

  • Sample

    240321-lhkxjagd79

  • MD5

    db4a99a2222cd4ff1e38cb7a167e6782

  • SHA1

    ac220091ee274e285a84f465797cf0de426c2c95

  • SHA256

    7b6ebb8c45b9da5e1253fcd5dbcf770726caaf901240fa9b632156df21795c1a

  • SHA512

    517813d41ce1530e8aacc85364fc5aa5c5167caff36de107b3e9537cb59fecc11e93f2342139578bf9c94c28c96c3e0c4797c47d0cfd8188632b2d9581bcfbe6

  • SSDEEP

    3072:s9L515GAXnHiMdMVC+urBN5D0TL4BNg9R7Tc/muJ+VziGZ7yz:UL1CKMahPsc/mJVg

Score
10/10
onlyloggerloader

Malware Config

Targets

    • Target

      db4a99a2222cd4ff1e38cb7a167e6782

    • Size

      200KB

    • MD5

      db4a99a2222cd4ff1e38cb7a167e6782

    • SHA1

      ac220091ee274e285a84f465797cf0de426c2c95

    • SHA256

      7b6ebb8c45b9da5e1253fcd5dbcf770726caaf901240fa9b632156df21795c1a

    • SHA512

      517813d41ce1530e8aacc85364fc5aa5c5167caff36de107b3e9537cb59fecc11e93f2342139578bf9c94c28c96c3e0c4797c47d0cfd8188632b2d9581bcfbe6

    • SSDEEP

      3072:s9L515GAXnHiMdMVC+urBN5D0TL4BNg9R7Tc/muJ+VziGZ7yz:UL1CKMahPsc/mJVg

    Score
    10/10
    onlyloggerloader

    • OnlyLogger

      A tiny loader that uses IPLogger to get its payload.

      loaderonlylogger

    • OnlyLogger payload

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

1
T1553

Install Root Certificate

1
T1553.004

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Resource Development

Reconnaissance

Tasks