Overview

overview

10

Static

static

10

ec8365d74b...18.exe

windows7-x64

1

ec8365d74b...18.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ec8365d74b0deffc47d8e0ac9be9ab07_JaffaCakes118

  • Size

    392KB

  • Sample

    240411-c8wmaaac69

  • MD5

    ec8365d74b0deffc47d8e0ac9be9ab07

  • SHA1

    37c2e44800425739e7fa0b01e13aee18448d8daf

  • SHA256

    f070c05815f01d177e6becbda89b23863db7750f09d3b0fc500edf05932a04a4

  • SHA512

    f790ebe31d638bddb1d6e4aadc22518a9085446e0051d6dba31cd1982f675d6a189d700c12c83ea050d17cd32773403c238dfc49895f4f921873edd6151bfcc3

  • SSDEEP

    12288:Mg1fPvbfKgWp3bQiTTbsqmMFigSPQ3quQ7OtnTN:Mg1fPvberQiXQvyAPwXtnZ

Score
10/10
privateloaderloader

Malware Config

Extracted

Family

privateloader

C2

http://37.0.10.214/proxies.txt

http://37.0.10.244/server.txt

http://wfsdragon.ru/api/setStats.php

37.0.10.237
Attributes
  • payload_url

    https://vipsofts.xyz/files/mega.bmp

Targets

    • Target

      ec8365d74b0deffc47d8e0ac9be9ab07_JaffaCakes118

    • Size

      392KB

    • MD5

      ec8365d74b0deffc47d8e0ac9be9ab07

    • SHA1

      37c2e44800425739e7fa0b01e13aee18448d8daf

    • SHA256

      f070c05815f01d177e6becbda89b23863db7750f09d3b0fc500edf05932a04a4

    • SHA512

      f790ebe31d638bddb1d6e4aadc22518a9085446e0051d6dba31cd1982f675d6a189d700c12c83ea050d17cd32773403c238dfc49895f4f921873edd6151bfcc3

    • SSDEEP

      12288:Mg1fPvbfKgWp3bQiTTbsqmMFigSPQ3quQ7OtnTN:Mg1fPvberQiXQvyAPwXtnZ

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scheduled Task/Job

1
T1053

Persistence

Scheduled Task/Job

1
T1053

Privilege Escalation

Scheduled Task/Job

1
T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks