Malware Analysis – djvu – ab799e62d3827019ce3fe43f09273801

February 8, 2023

Malware Analysis

Score: 10

  • MALWARE FAMILY: djvu
  • TAGS:family:djvu, family:gozi, family:laplas, family:smokeloader, botnet:1001, backdoor, banker, clipper, discovery, isfb, persistence, ransomware, stealer, trojan
  • MD5: ab799e62d3827019ce3fe43f09273801
  • SHA1: 494f24b36bcf152ea3ddca396a55d326801911ed
  • ANALYSIS DATE: 2023-02-07T23:38:53Z
  • TTPS: T1012, T1120, T1082, T1060, T1112, T1053, T1222

ScoreMeaningExample
10Known badA malware family was detected.
8-9Likely maliciousOne or more known damaging malware attack patterns were detected.

Examples:
The deleting of shadow copies on Windows.
6-7Shows suspicious behaviourOne or more suspicious actions were detected. The detected actions can be malicious but also have (common) benign uses.

Examples:
Changing file permissions.
Anti-VM behaviour/trying to detect a VM.
2-5Likely benignOne or more interesting behaviours were detected. The detected actions are interesting enough to be notified about but are not directly malicious.
1No (potentially) malicious behaviour was detected.N/A
Tags: , , ,

You may have missed

image

[FOG] – Ransomware Victim: OmniRide (omniride[.]com)

January 10, 2025
image

[RANSOMHUB] – Ransomware Victim: xtremmedia[.]com

January 10, 2025
Cobalt-Strike

Cobalt Strike Beacon Detected – 111[.]119[.]217[.]51:8889

January 10, 2025
Cobalt-Strike

Cobalt Strike Beacon Detected – 115[.]120[.]210[.]236:9999

January 10, 2025
Cobalt-Strike

Cobalt Strike Beacon Detected – 23[.]94[.]169[.]124:9090

January 10, 2025