General

  • Target

    db985413812a7508f56a537e7fcf92dd_JaffaCakes118

  • Size

    176KB

  • Sample

    240912-b4wk2svcjm

  • MD5

    db985413812a7508f56a537e7fcf92dd

  • SHA1

    ab65292060648492ac81a9a705565b202e53a77e

  • SHA256

    af54c0dfe1e9bdc7a64051aeff14ee70a8b8371c5374f11beef28cf77a75cd71

  • SHA512

    f063fbf0fed8be062f4077ba9d65fa23fcf17b90e4a62862cce648069dc93a827fa48d533196674940134a01f2c4bf1a912f0c7f1433a31b8022948db2f762ea

  • SSDEEP

    3072:Of5o95zR6N78SuYjKIqUBZCXVYYlfAxTMYhflqA0J4:rzRSASupUB82TDhNB

Malware Config

Extracted

Family

mylobot

C2

fywkuzp.ru:7432

zdrussle.ru:2173

pseyumd.ru:5492

stydodo.ru:2619

tqzknrx.com:1123

mdcqrxw.com:4984

tpwtgyw.com:9631

cnoyucn.com:9426

qhloury.com:4759

fnjxpwy.com:3863

csxpzlz.com:5778

wlkjopy.com:8778

mynfwwk.com:8427

uuitwxg.com:6656

agnxomu.com:8881

wcagsib.com:3547

fmniltb.com:9582

oapwxiu.com:3922

petrrry.com:7531

poubauo.com:4623

Targets

    • Target

      db985413812a7508f56a537e7fcf92dd_JaffaCakes118

    • Mylobot

      Botnet, written in C++, which first appeared in 2017.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15
