General

  • Target

    a2832007392be029108bde3bf145b0b732be82be29cdb5a2e9d3d9ab17102f97

  • Size

    179KB

  • Sample

    191212-t8ftm5vpbs

  • MD5

    20b49439279bdf3e8e6c982f01dd4274

  • SHA1

    6e80b009a96bcc4abb212a622067b0a8ffef5b9c

  • SHA256

    a2832007392be029108bde3bf145b0b732be82be29cdb5a2e9d3d9ab17102f97

  • SHA512

    232d18b12f4030bf9c28031073c7c030cbcbdd0b28d9d4cd0ea190f99913c68c4a6e9896e3be6f2224bdacfbca2a938b97954c20a45f825071ae8378afa68ff9

Score
5/10

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

http://theaustinochuks.com/personal_array/kvrmif/

exe.dropper

http://sarafifallahi.com/wp-admin/uUXtpLhI/

exe.dropper

http://faustosarli.com/wp-admin/mYZW0/

exe.dropper

http://janejahan.com/wp-content/hqiw1u9/

exe.dropper

http://vikstory.ca/h/f2cgRvw/

Targets

    • Target

      a2832007392be029108bde3bf145b0b732be82be29cdb5a2e9d3d9ab17102f97

    Score
    5/10
    • Checks system information in the registry

      System information is often read in order to detect sandboxing environments.

MITRE ATT&CK Matrix ATT&CK v6

Discovery

Query Registry

3
T1012

System Information Discovery

3
T1082

Tasks