General

  • Target

    upload#TJSX8EJgNg.zip

  • Size

    6KB

  • Sample

    210118-t9rwsw6th6

  • MD5

    00ac504250b032bce641df92b92b3c9c

  • SHA1

    f921a75f76e451ca1eca815cdcb3556986714ea0

  • SHA256

    d38620457b48a990a6ddfad7abee7034442dd33b6a1a2da26107e6a99680882e

  • SHA512

    5001e9eb6d936ee31246c025ff2373e461a190e8a984f8d1da2b6a40d016b582b9aeb19cea4ee098218bd48c79a786226e4728895ee06ee643bfbe7c9a609b10

Score
10/10

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
exe.dropper

http://ixd1196.firebird.sheridanc.on.ca/cookies/custom.php

Targets

    • Target

      4IW7erkj68.js

    • Size

      21KB

    • MD5

      ffff42a84871648a25ba2c39beca8d83

    • SHA1

      31acbb969b4b9d167f5ad4c78510ba2e8e0b4610

    • SHA256

      c03c5f7dabff34048550ffe1290d714291c554cdffa85da7116c3b675aadb458

    • SHA512

      b770666259807832786ee526c51ba18b59f80ba58a30d1ef892360bc88d71627674d341dea31f56221e821d072a67d1c62e82b3fd9b26338167046e3bcfdfe41

    Score
    10/10
    • Blocklisted process makes network request
