General
-
Target
https://mega.nz/folder/PN4TWQAD#fOnISnpBOgXCyzcvJsrlhA
-
Sample
241023-wy896stdqh
Score
8/10
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
https://mega.nz/folder/PN4TWQAD#fOnISnpBOgXCyzcvJsrlhA
Resource
win11-20241007-en
windows11-21h2-x64
30 signatures
300 seconds
Malware Config
Targets
-
-
Target
https://mega.nz/folder/PN4TWQAD#fOnISnpBOgXCyzcvJsrlhA
Score8/10-
Executes dropped EXE
-
Indirect Command Execution
Adversaries may abuse utilities that allow for command execution to bypass security restrictions that limit the use of command-line interpreters.
-
Loads dropped DLL
-
Adds Run key to start application
-
Legitimate hosting services abused for malware hosting/C2
-
Enumerates processes with tasklist
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
2Hidden Files and Directories
2Indirect Command Execution
1Modify Registry
2