General
-
Target
7014059534b7e5e784f3c1aea032c40e5f9852f37aabd638faf0d3166f66033e
-
Size
351KB
-
Sample
220201-ggqdeaabf7
-
MD5
4126c1f9921b4fa7bcc74106e4458487
-
SHA1
7da2f7ea90b73d3456516e048cb2c9cdb5b6aace
-
SHA256
7014059534b7e5e784f3c1aea032c40e5f9852f37aabd638faf0d3166f66033e
-
SHA512
713b3ceb59db57b2431bf7187d4ece3478a731a6728b2f5dd555a4f77b3c3dba4b30dae8fb4af40323204d4ad876cd96bd933285d6a49a39560c372e11ab8ef1
Static task
static1
Behavioral task
behavioral1
Sample
7014059534b7e5e784f3c1aea032c40e5f9852f37aabd638faf0d3166f66033e.docm
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
7014059534b7e5e784f3c1aea032c40e5f9852f37aabd638faf0d3166f66033e.docm
Resource
win10v2004-en-20220112
Malware Config
Targets
Score
10/10
-
Ostap JavaScript Downloader
Ostap is a JavaScript downloader that's been active since 2016. It's used to deliver several families, including TrickBot.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Sets service image path in registry
-