Malware Analysis – djvu – 010965e4484bda208499ac804e1ef3d4

February 19, 2023

Malware Analysis

Score: 10

  • MALWARE FAMILY: djvu
  • TAGS:family:djvu, family:laplas, family:pandastealer, family:rhadamanthys, family:smokeloader, family:vidar, botnet:19, backdoor, clipper, collection, discovery, evasion, persistence, ransomware, spyware, stealer, trojan, vmprotect
  • MD5: 010965e4484bda208499ac804e1ef3d4
  • SHA1: c41c828c0a6bb903e80c0968ae6b65a6de2f58a8
  • ANALYSIS DATE: 2023-02-19T16:26:49Z
  • TTPS: T1222, T1012, T1082, T1031, T1562, T1489, T1005, T1081, T1060, T1112, T1102, T1114, T1120, T1053

ScoreMeaningExample
10Known badA malware family was detected.
8-9Likely maliciousOne or more known damaging malware attack patterns were detected.

Examples:
The deleting of shadow copies on Windows.
6-7Shows suspicious behaviourOne or more suspicious actions were detected. The detected actions can be malicious but also have (common) benign uses.

Examples:
Changing file permissions.
Anti-VM behaviour/trying to detect a VM.
2-5Likely benignOne or more interesting behaviours were detected. The detected actions are interesting enough to be notified about but are not directly malicious.
1No (potentially) malicious behaviour was detected.N/A

You may have missed

image

[RANSOMHUB] – Ransomware Victim: polaraire[.]com

November 20, 2024
image

[KILLSEC] – Ransomware Victim: LiquiTech

November 20, 2024
image

[MONTI] – Ransomware Victim: Oxford Auto Insurance

November 20, 2024
image

[KILLSEC] – Ransomware Victim: Camim

November 20, 2024
image

[SAFEPAY] – Ransomware Victim: smartdimensions

November 20, 2024