General

  • Target

    cec959a883abfaf4781d532691230f8574651c138d9bfdfd312e54a19b0043e1

  • Size

    166KB

  • Sample

    191212-p58m98ae9n

  • MD5

    b256a655b482973d45c33bc35916089b

  • SHA1

    75d8e3e61b0b12c5daadf55181d353e5f3d630a0

  • SHA256

    cec959a883abfaf4781d532691230f8574651c138d9bfdfd312e54a19b0043e1

  • SHA512

    0e71d5a5f9a02e819bd50679384eb73af6b352f050c9c1b821495dd2bd25826a528eb1dd14e700c7554d5b5181719f7165d92097c24ae8bf7d61364ab16340ae

Score
5/10

Malware Config

Extracted

  • Language
    ps1

  • Source / URLs
    exe.dropper  http://jdcc-stu.com/wp-includes/6109/
    exe.dropper  http://jandmadventuring.servermaintain.com/wp-content/uploads/8ly08u77849/
    exe.dropper  http://wilkopaintinc.com/common_resource/qac395/
    exe.dropper  http://essemengineers.com/AdminPanel/cku0s00262/
    exe.dropper  http://t666v.com/vlk2lo4i/fi20416/

Targets

    • Target

      cec959a883abfaf4781d532691230f8574651c138d9bfdfd312e54a19b0043e1

    • Size

      166KB

    • MD5

      b256a655b482973d45c33bc35916089b

    • SHA1

      75d8e3e61b0b12c5daadf55181d353e5f3d630a0

    • SHA256

      cec959a883abfaf4781d532691230f8574651c138d9bfdfd312e54a19b0043e1

    • SHA512

      0e71d5a5f9a02e819bd50679384eb73af6b352f050c9c1b821495dd2bd25826a528eb1dd14e700c7554d5b5181719f7165d92097c24ae8bf7d61364ab16340ae

    Score
    5/10
    • Checks system information in the registry

      System information is often read in order to detect sandboxing environments.

MITRE ATT&CK Matrix (ATT&CK v6)

  Discovery

    • Query Registry (T1012): 3
    • System Information Discovery (T1082): 3

Tasks