Overview

overview

10

Static

static

10

malware_10...er.exe

windows7-x64

10

malware_10...er.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    06012025_1610_06012025_ggps4glzvy3ivh52ssjm.7z

  • Size

    40KB

  • Sample

    250106-tmb47asrgr

  • MD5

    9e20ed31cedaf5bfce55b4cd425ddc8d

  • SHA1

    1c989023030964a2b9e015e1fde88356f7fd8617

  • SHA256

    b080055cda6e85fe9e87e531d7c65613b5151649261d633d8d919923a2ff850f

  • SHA512

    19644c5d8572004283d4d94f872198a56f688a9e886846d3956ebd8019d4af27899e4dea949bc28619df7b2af2a468b2d3c5070b6b5c4b44542d6a8e5b9d597b

  • SSDEEP

    768:ha2pPyyXsBZ0qgJt7gWrozmT0HIJSO+bl2Gm7bmR7IDHGFY3eziZWP8fv3gd11yY:cqyybf7ZOmTdJSO+kG2m2HO+R8Wo1yY

Score
10/10
netfilterdiscoverypersistencerootkit

Malware Config

Targets

    • Target

      malware_10_netfilter.exe

    • Size

      113KB

    • MD5

      1c3db7002523e1acd621c90701c694ae

    • SHA1

      aee092fd31772d33932a7a02dd2d73ede67f7db0

    • SHA256

      d64f906376f21677d0585e93dae8b36248f94be7091b01fd1d4381916a326afe

    • SHA512

      e94cd7fa788fa2f828dd40fe096b25655d7b8fe9fd948c5b53f6c30039ca0b9c309ebf8619c0de6988ef5efb4db0b0683c9ddc63ad200aa5e88b8f01a9294f1b

    • SSDEEP

      1536:HL9RWXOQwi6wEBxmTSp3EpoNyq+4lRX6IHOSyOVi77:rLKOQwNOT+eFq+4lAvOi7

    Score
    10/10
    netfilterdiscoverypersistencerootkit

    • NetFilter

      NetFilter is a rootkit first seen in June 2021.

      rootkitnetfilter

    • Netfilter family

      netfilter

    • Sets service image path in registry

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks