Overview

overview

10

Static

static

1

.html

windows7-x64

10

.html

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    .

  • Size

    2KB

  • Sample

    240617-a9gtea1bjm

  • MD5

    15128c654f26eeb6b61baeae5b3d6f59

  • SHA1

    c7a18064faa7a668fe31ea8625d72a531783fdf6

  • SHA256

    b4260a647d6db5b7c26bccbaba6455bcff3d7abc6d5740f1b35bc9cc6fd70bc7

  • SHA512

    5d64eaaefa7508e9909b52e6dd30fe20fd456356be596ed416f4b5b6b901f2c7a2dcab76d5de5638604c0c4519d9802dc6813c7c4f972d5f9b683ee527db4ee0

Score
10/10
phemedronestealer

Malware Config

Extracted

Family

phemedrone

C2

https://api.telegram.org/bot7250665686:AAHW0YznZP8w-6An0q8-OF3zVVfXyjQuxLM/sendDocument

Targets

    • Target

      .

    • Size

      2KB

    • MD5

      15128c654f26eeb6b61baeae5b3d6f59

    • SHA1

      c7a18064faa7a668fe31ea8625d72a531783fdf6

    • SHA256

      b4260a647d6db5b7c26bccbaba6455bcff3d7abc6d5740f1b35bc9cc6fd70bc7

    • SHA512

      5d64eaaefa7508e9909b52e6dd30fe20fd456356be596ed416f4b5b6b901f2c7a2dcab76d5de5638604c0c4519d9802dc6813c7c4f972d5f9b683ee527db4ee0

    Score
    10/10
    phemedronestealer
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

3
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks