General
-
Target
https://drive.google.com/file/d/1DyPQBgOXdxqnRUSgciJhcZBzcII4cWjn/view
-
Sample
240905-pdyvdazhjp
Score
8/10
Malware Config
Targets
-
-
Target
https://drive.google.com/file/d/1DyPQBgOXdxqnRUSgciJhcZBzcII4cWjn/view
Score8/10-
Downloads MZ/PE file
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Legitimate hosting services abused for malware hosting/C2
-
Mark of the Web detected: This indicates that the page was originally saved or cloned.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Defense Evasion
Impair Defenses
1Disable or Modify System Firewall
1Subvert Trust Controls
1SIP and Trust Provider Hijacking
1