Overview

overview

10

Static

static

10

CloudSecurity.exe

windows7-x64

1

CloudSecurity.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    52c0ca463a8d86d8f4be1ebb3d0559ae9fa1d6ec045cc458863d42207b43d338

  • Size

    151KB

  • Sample

    240703-t4nvbazfme

  • MD5

    eeb7e4c796c51b19cdaec24feb19ff64

  • SHA1

    b972d5c3670b5777567695e8906ba09fc180decb

  • SHA256

    52c0ca463a8d86d8f4be1ebb3d0559ae9fa1d6ec045cc458863d42207b43d338

  • SHA512

    f6fbee3d7c7064e992f7bea345ff117383caaf872a960aebea6ef2df4efd4816df8f15da3feef7c6196eee0dce0952860c1698b2394aa5c5a4e338c9f8b200e1

  • SSDEEP

    3072:GPCQWFb5+p63mLfRJ1op4C5dI523mYhNB3OyUIbjeamCxcHdMdS9M06KS:GPA5vmLRJ1A4C5d223mA8aJCdMNAS

Score
10/10
mofongoloaderloader

Malware Config

Extracted

Family

mofongoloader

C2

https://checkcloudnet.com/check/connection

Targets

    • Target

      CloudSecurity.exe

    • Size

      669KB

    • MD5

      739b068cdf1a095562cc18fedf520c5e

    • SHA1

      3d26ea9d884ef8ec30d1373ab388d28f2b94f1d3

    • SHA256

      abcac2031965695b7b513f4fecb8909a4137f035452daea19af090c25cb29954

    • SHA512

      62cec4e4765cd0e3b59f1e438da34b6acdef29b4d32eaba7ea76a6b67ec5d630e2d23ad6876cb12fdbd285cc53a05f5a38145800a062e79f65424b5fb076e1c5

    • SSDEEP

      6144:xwrGnfIRzRSPpwMHjH4ZGL3O0b83ii96AMaJB8udk4+xZRtiKzvzaOLVYd:xAGwtRSPuMHjH0GL3OB3x6Faa6d

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

1
T1553

Install Root Certificate

1
T1553.004

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks