privateloader | 892834734712fe5bc7a6614be6972de1be2d74ad424ef47b2c701046e4912426 | Triage

Sharing

General

Target

892834734712fe5bc7a6614be6972de1be2d74ad424ef47b2c701046e4912426.exe
Size

403KB
Sample

241123-e934vsylcx
MD5

b8de3346a34f0fbe1f04d826a5e47b6e
SHA1

8b19d7c56f78ce6ce055eeb1d412b446b59efa19
SHA256

892834734712fe5bc7a6614be6972de1be2d74ad424ef47b2c701046e4912426
SHA512

5125622113c5e4ea9be7390bbef0be5d8bf17b00022f39f50fff86170330acdca37368c338d815156b24af960ab2861efe6bf1281920c156891c9062e35c4f6f
SSDEEP

6144:SqJj3bQ/UCg7m1ugavIv1pE0EAPMrGWsWDWidF0HQszCZ2Ftppb9Y81+k7pq7FL7:Sql3k/b1ugaUS2zts

Score

10^/10

privateloader discovery loader

Malware Config

Extracted

Family

privateloader

C2

http://45.133.1.107/server.txt

pastebin.com/raw/A7dSG1te

http://wfsdragon.ru/api/setStats.php

51.178.186.149

Targets

- Target
  
  892834734712fe5bc7a6614be6972de1be2d74ad424ef47b2c701046e4912426.exe
- Size
  
  403KB
- MD5
  
  b8de3346a34f0fbe1f04d826a5e47b6e
- SHA1
  
  8b19d7c56f78ce6ce055eeb1d412b446b59efa19
- SHA256
  
  892834734712fe5bc7a6614be6972de1be2d74ad424ef47b2c701046e4912426
- SHA512
  
  5125622113c5e4ea9be7390bbef0be5d8bf17b00022f39f50fff86170330acdca37368c338d815156b24af960ab2861efe6bf1281920c156891c9062e35c4f6f
- SSDEEP
  
  6144:SqJj3bQ/UCg7m1ugavIv1pE0EAPMrGWsWDWidF0HQszCZ2Ftppb9Y81+k7pq7FL7:Sql3k/b1ugaUS2zts
Score

6^/10

discovery
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

loaderprivateloader

behavioral1

behavioral2