General

  • Target: 4dc685094aac4273f7bee8a6f2f2ec241606626cba0213491a898b2fcf67151f
  • Size: 18.7MB
  • Sample: 241109-xlfyjazfjr
  • MD5: 73fe2eb11ea63240a962b95cdcabf2ab
  • SHA1: f6e6f4a5f6730be5720a12bc2289ae8cd9b89a7f
  • SHA256: 4dc685094aac4273f7bee8a6f2f2ec241606626cba0213491a898b2fcf67151f
  • SHA512: 29848a646a117bb048e4157504ad9333137878bcdda21fba348ef1512c8a7268ada697872606cd876a42a2352a1e5ae09feb447b63e7f3a2620ab26aee785ccc
  • SSDEEP: 393216:f5C6+8d007mKtcYTHSJXKA7EaybFDp8U3Kjyqum7KoJ:f53+8FOXQPbX8UiyiGoJ
  • Score: 9/10

Targets

    • Target: ChromiumUpdate.exe
    • Size: 766.8MB
    • MD5: bbcda30b04ba64717c6ad8118241b9af
    • SHA1: 46fe91bf2abf0b956bb248402b695afb9673a738
    • SHA256: 0842a9a58afbc69063f4ded76768549f78ae0dbfe717807be6fccc522e6a6f6e
    • SHA512: 9b6fe9b489b13922942180332f83b2049acec00d934d0cb6bde3acbbebd3aadcaa43a165f6e49ecc56e479c2c2f2f0885e1d92b209e542305a7e7cae360af20a
    • SSDEEP: 98304:ANCq6BaDYlKeUJQDqxRqq8KMOXuUESNrT9GpHWB:ANYacrDIqjKMUne4
    • Score: 9/10

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)
    • Checks BIOS information in registry
      BIOS information is often read in order to detect sandboxing environments.
    • Identifies Wine through registry keys
      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Target: Dreksite-main/about.php
    • Size: 3KB
    • MD5: 4c634bb36903c42c39adb873b1836d05
    • SHA1: 4631d1165ea4616aac117767a787a10f9f595265
    • SHA256: e5a052e16d88a0257f9c1e290c679da3cfc79c2590cf6553df7c1ce61db5b120
    • SHA512: 40e5f4e867a2ef179ee1e1dab85bdd1d8583811edf289e165d782a774ade07fa9e01e43a377522af43e8261f8ac7d56b461b35d29126f5118e3f447017e6bd1f
    • Score: 3/10

    • Target: Dreksite-main/affiliaties.php
    • Size: 2KB
    • MD5: 6058a775265e01eb7f01f72738c48157
    • SHA1: 821651933c8c86d63d3f63bac52da13c27f80220
    • SHA256: a68c38753e97d6a22ab7f1487ac2f0e024031924a2350ef945f0cb0c2914c314
    • SHA512: cd5d07a726c54785b978f682164145af27973380e6604285d6d97cb83fe730a597fca81db4ec1b9f6aafd8ebb4b03eb80df0b94c97d64e7b00ae210373f6f0e6
    • Score: 3/10

    • Target: Dreksite-main/bedrijf.php
    • Size: 2KB
    • MD5: 87700d5e87a8f8cadb1e498b204e0f88
    • SHA1: 9d32e0871ba96f25ecd08a65e8a904ebb4f6ddf6
    • SHA256: 2e3d9cb4fc0904b75c2c5772c3eec2acb5d37a378ccb267e16898ba105727733
    • SHA512: eb2c50cf2b8268e3d760b71677a95b5d262e9986dba665459f97e8dc60bbb2cd0373d05b8cc41aa13168a771939b53d989fa23847d7a72f0d45cf7356ad4f1d7
    • Score: 3/10

    • Target: Dreksite-main/contact.php
    • Size: 3KB
    • MD5: 14882721c0ae2374b90d34fbb7b37aca
    • SHA1: 12e557e6b3f16b573dfcbc7e43c42b86d50ec47e
    • SHA256: 3282e18bb450903bdd5f018db38b85b654d61864cc667e64e1141a088ea3499a
    • SHA512: b1cbd6b56f93df823ac740b516719daaf7b0fbdeb8dd3058052d90d0451af1bdc6bd631a6dac8bdce0335a48ea88b047e68769870951324de59461b85faca2c7
    • Score: 3/10

    • Target: Dreksite-main/index.php
    • Size: 1KB
    • MD5: 7fc7c31bc615dd019aa088a7fc9ca469
    • SHA1: bd4f4978dbb1962d1d70bed5f691224be8dc4b30
    • SHA256: 7d9d16a95ae255a98cd48a298aa6d9c0ee40ff7dcb8307a64e2f19b59bee3b9d
    • SHA512: 050a321556aacc66daa75c3e0788cf136da5b00c0aee6ea273a464b3079159ccdc43670463fea0539fffb2574a2aaa2997b2a4def9449dceb25bd3685ebb2220
    • Score: 3/10

    • Target: Dreksite-main/intradrek/admin/includes/head_section.php
    • Size: 547B
    • MD5: eed52051945d015e43f90f31879f0f98
    • SHA1: 6c5d70cec95406227109021a659778894295ac9c
    • SHA256: aa8242872f9e99dc5c5b9f937e841e9172447f3729b050798dc95ad9e04df8a9
    • SHA512: de51731164bce914d0a301ab1db7b939a231f5bee5596452f370a8d06fadbfc35a321fa54d41bd384ccdff1585bee6eb51a12867e0d5387579a6a89e8809528d
    • Score: 3/10

    • Target: Dreksite-main/osdorp.php
    • Size: 2KB
    • MD5: f8d6e51e34fb310a3aa3c2aa71e957f7
    • SHA1: 8ea5edd779372d0d09ab69fd7a1ff66e3cca512b
    • SHA256: d25aaa46afcd35524fb2288f4ad48ee21b156bf8a119aeebd40239670c866b43
    • SHA512: 5ce2b68726553db34dc41f2eda10dc2fcf30ab5d0142fac58deb33fbd7e61d6423ab0c6ff62d912ea2ca78a7e52c180eefbd3d3e5ffd23e34329915ae0cca2f7
    • Score: 3/10

MITRE ATT&CK Enterprise v15
