General

  • Target

    https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/BlueScreen.exe

  • Sample

    240828-xl4dts1cke

Malware Config

Targets

    • Target

      https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Trojan/BlueScreen.exe

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks