General

  • Target

    https://github.com/enginestein/Virus-Collection

  • Sample

    250126-hgbexsvmcs

Malware Config

Targets

    • Target

      https://github.com/enginestein/Virus-Collection

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks