General

  • Target

    b5c4b39ebf181b7bcb52176934fc46c608d0d4d1881d2fbe909d9d3889155930

  • Size

    244KB

  • Sample

    220201-thfltahef2

  • MD5

    0f1bded1c0ee7ca527b47a6cfcc3874c

  • SHA1

    a99806f2a486eb1dd0ae6226280fb3b7d460bbd6

  • SHA256

    b5c4b39ebf181b7bcb52176934fc46c608d0d4d1881d2fbe909d9d3889155930

  • SHA512

    97cf72db385e6d2c9545ed69865dcee24f42827278429cc3ebb0dd934fe29392499fed4cd933daa841219b445ef753e382cdf6bf588a0111ecede4956c3b6933

Score
10/10

Targets

    • Target

      b5c4b39ebf181b7bcb52176934fc46c608d0d4d1881d2fbe909d9d3889155930

    Score
    10/10
    • TA505

      Cybercrime group active since 2015, responsible for families like Dridex and Locky.

    • Blocklisted process makes network request
