Overview

overview

10

Static

static

3

MAMAWEEGEE.exe

windows7-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    MAMAWEEGEE.exe

  • Size

    146KB

  • Sample

    240424-t9f2nadd6s

  • MD5

    7567087160362c815deda505d2c8e7b7

  • SHA1

    616e5dd2a6dbfc50a716d004a4b2f7a7c0b63b6a

  • SHA256

    06a80e0fa37a104fb7dfa397d0fb60672f9408d057933e685a7df9be09db52f9

  • SHA512

    9722b78a388fb9a332cf91a0874b77f7c12577d2b9f7cbb0ccb011650afa2dbedf9f2d35255492b9403ae7527eb67ab19d308395940f66a897e5d4dae1283108

  • SSDEEP

    3072:R7DhdC6kzWypvaQ0FxyNTBfLRcpx698R9VeF25:RBlkZvaF4NTBjRcrpC+

Score
10/10
evasiontrojan

Malware Config

Targets

    • Target

      MAMAWEEGEE.exe

    • Size

      146KB

    • MD5

      7567087160362c815deda505d2c8e7b7

    • SHA1

      616e5dd2a6dbfc50a716d004a4b2f7a7c0b63b6a

    • SHA256

      06a80e0fa37a104fb7dfa397d0fb60672f9408d057933e685a7df9be09db52f9

    • SHA512

      9722b78a388fb9a332cf91a0874b77f7c12577d2b9f7cbb0ccb011650afa2dbedf9f2d35255492b9403ae7527eb67ab19d308395940f66a897e5d4dae1283108

    • SSDEEP

      3072:R7DhdC6kzWypvaQ0FxyNTBfLRcpx698R9VeF25:RBlkZvaF4NTBjRcrpC+

    Score
    10/10
    evasiontrojan

    • Modifies Windows Defender Real-time Protection settings

      evasiontrojan

    • Disables Task Manager via registry modification

      evasion
    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Create or Modify System Process

1
T1543

Windows Service

1
T1543.003

Privilege Escalation

Create or Modify System Process

1
T1543

Windows Service

1
T1543.003

Defense Evasion

Modify Registry

2
T1112

Impair Defenses

1
T1562

Disable or Modify Tools

1
T1562.001

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks