General
-
Target
http://docdrop.ink
-
Sample
250703-gll7jstzhw
Score
10/10
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
http://docdrop.ink
Resource
win11-20250619-en
18 signatures
150 seconds
Malware Config
Targets
-
-
Target
http://docdrop.ink
Score
10/10
-
Detects DonutLoader
-
DonutLoader
DonutLoader is position-independent code that enables in-memory execution of VBScript, JScript, EXE and DLL files, and .NET assemblies.
-
Donutloader family
-
Blocklisted process makes network request
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Drops file in System32 directory
-