General

  • Target

    rosysjka ruletka.zip

  • Size

    1KB

  • Sample

    250515-pb2s9afr4y

  • MD5

    bba01e01abd08aa9593e4adb517ecb74

  • SHA1

    86f24b6a1aabd28b9f4291dd3b2b05a474c7740b

  • SHA256

    5e10f8454020c226b70acdf48397c6a8c56102b33778756aa39ba059e135d2cf

  • SHA512

    9a832dd97af07803a0de895125633d926e8b6e4d27cd5f973b1c81b12576c9174b00b1d033d62dd0642b4456b846ce899b86b79d81c67a28c91dd50a805bef5c

Score
8/10

Targets

    • Target

      rosysjka ruletka/s.bat

    • Size

      589B

    • MD5

      c9fca5b9b8f7db7fc8716c50978e08d1

    • SHA1

      e9b68e1284653e11bd7709f3837ab32f8f19a46a

    • SHA256

      cd6cd477272a171cd6c8f840169e55a0a07c050afa3dc9ffb1037075e6db33ea

    • SHA512

      8e2e92783b829f6a98b1bf3e856cc3f11be997fdc4a3a82f7c7e24060398cf44bc41b566460809654916ba862cc457b817d67f69ac16e44bf7c10541fa8cbcf3

    Score
    8/10
    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      PowerShell Invoke Web Request.

    • Sets desktop wallpaper using registry
