Malware Analysis – djvu – 333a83fe4e74d20da20c63685a54129d

March 10, 2023

Malware Analysis

Score: 10

  • MALWARE FAMILY: djvu
  • TAGS:family:djvu, family:laplas, family:pseudomanuscrypt, family:smokeloader, family:vidar, botnet:694f12963bedb0c6040fb3c74aac71e5, botnet:pub1, botnet:sprg, backdoor, clipper, discovery, loader, persistence, ransomware, stealer, trojan
  • MD5: 333a83fe4e74d20da20c63685a54129d
  • SHA1: 4ffe0ca787f577c59d35fb168971ea716ee74dab
  • ANALYSIS DATE: 2023-03-09T23:39:02Z
  • TTPS: T1012, T1120, T1082, T1222, T1060, T1112, T1053

ScoreMeaningExample
10Known badA malware family was detected.
8-9Likely maliciousOne or more known damaging malware attack patterns were detected.

Examples:
The deleting of shadow copies on Windows.
6-7Shows suspicious behaviourOne or more suspicious actions were detected. The detected actions can be malicious but also have (common) benign uses.

Examples:
Changing file permissions.
Anti-VM behaviour/trying to detect a VM.
2-5Likely benignOne or more interesting behaviours were detected. The detected actions are interesting enough to be notified about but are not directly malicious.
1No (potentially) malicious behaviour was detected.N/A

You may have missed

image

[INCRANSOM] – Ransomware Victim: Hadwins Volkswagen

November 25, 2024
image

[LYNX] – Ransomware Victim: Hypertype

November 25, 2024
image

[INCRANSOM] – Ransomware Victim: Nicholsons Solicitors

November 25, 2024
image

[RAWORLD] – Ransomware Victim: Co****nt

November 25, 2024
image

[KILLSEC] – Ransomware Victim: inv[[.][.][.]]nator

November 25, 2024