ead4186dfb2413cbf6153b769c441f86c51802ee90d0112f01ea9fe2b54fa417 | Triage

Sharing

General

Target

7114.zip
Size

564KB
Sample

210810-xh4xsw8kcs
MD5

a37bf6b23f3649d890042536da47d1ee
SHA1

ee621e173430cbcb707cba8d64fed4e296ef8471
SHA256

ead4186dfb2413cbf6153b769c441f86c51802ee90d0112f01ea9fe2b54fa417
SHA512

e04cee2adcc29bff9437f091706c8a3fb2b0a92d6778ca853b1021a8a49a83d3d41bd45b882688d08bfe0f0b0b1e2c174b95ddd59be7a4720f3680eb1ec216ce

Score

10^/10

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

ps1.dropper

https://erzurum.us/65376345273497600381/tjTyjrjywrdmJoaaenvF/dll/assistant.php

Targets

- Target
  
  7114.js
- Size
  
  924KB
- MD5
  
  07f090249cbb74e99d45ef1b7736fb4d
- SHA1
  
  17a7c3ccdf04a6cbc08b514e818ba26a150dbea9
- SHA256
  
  ce60311f972334032b25221385076f68474c28b6249e292b6925af9f16acb07e
- SHA512
  
  4a54a6824ab0e99ca656100e230f348289f9a56c6f69298f83e08b81c08267d47d2518175ae68d1d7729ed7252b8b08815926e0b0f8da6f56737bb2d7b817440
Score

10^/10
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2