hxxps://github[.]com/Da2dalus/The-MALWARE-Repo

Resubmissions

08/05/2025, 12:15

250508-pez4tsek6x 10

08/05/2025, 12:12

250508-pdcxxa1thx 7

Sharing

Copy URL

Twitter E-mail

General

Target

https://github.com/Da2dalus/The-MALWARE-Repo
Sample

250508-pez4tsek6x

Score

10^/10

Malware Config

Extracted

Path

C:\Users\README_HOW_TO_UNLOCK.TXT

Ransom Note

YOUR FILE HAS BEEN LOCKED In order to unlock your files, follow the instructions bellow: 1. Download and install Tor Browser 2. After a successful installation, run Tor Browser and wait for its initialization. 3. Type in the address bar: http://zvnvp2rhe3ljwf2m.onion 4. Follow the instructions on the site.

URLs

http://zvnvp2rhe3ljwf2m.onion

Targets

- Target
  
  https://github.com/Da2dalus/The-MALWARE-Repo
Score

10^/10

defense_evasion discovery execution impact ransomware upx
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware defense_evasion impact execution
- Downloads MZ/PE file
- Legitimate hosting services abused for malware hosting/C2
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Windows Management Instrumentation

T1047

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

T1070

File Deletion

T1070.004

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Inhibit System Recovery

T1490

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Deletes shadow copies

Downloads MZ/PE file

Legitimate hosting services abused for malware hosting/C2

UPX packed file

MITRE ATT&CK Enterprise v16

Tasks

static1

urlscan1

behavioral1