General

  • Target

    46cab94e42a739b6ff68c310e17189ae685116b89b54c1893aa858e434e6996a

  • Size

    941KB

  • Sample

    220201-tm8hdshff6

  • MD5

    f5318e25965dff005e596dbc934b4cd1

  • SHA1

    f3ebdcc095ab89a8dc5e4229c17a38903657e231

  • SHA256

    46cab94e42a739b6ff68c310e17189ae685116b89b54c1893aa858e434e6996a

  • SHA512

    4cdc8c87754911eb17d38b8db25c10d7935c8bd1bccc8db825a062241e9b18ec8c6183582e283aaafdac356b5848873a0c0f63dc4f062c2de9b818e29503a1c6

Score
10/10

Malware Config

Targets

    • TA505

      Cybercrime group active since 2015, responsible for families like Dridex and Locky.

    • Blocklisted process makes network request

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.

MITRE ATT&CK Enterprise v6

Tasks