09baa568f603837557948cc972a127a37081dfbc0ab9bee1d1230a1660202865 | Triage

Sharing

General

Target

09baa568f603837557948cc972a127a37081dfbc0ab9bee1d1230a1660202865
Size

193KB
Sample

220530-v6l9yahfbr
MD5

1b3a0b3d4f110dbb1dae5a2f7582fb22
SHA1

593698fef10feef548dc6814943fe6c2f5424068
SHA256

09baa568f603837557948cc972a127a37081dfbc0ab9bee1d1230a1660202865
SHA512

e40b925591f7dc9e6b5e104958235f4905bcff13b926be01972c4c2ba20fd1983dd7cac8c3ed2daa4279ff026ddef1e1ffeb1b780d2bbdfc8fe527adbfd76472

Score

10^/10

Malware Config

Extracted

Language

ps1

Source

URLs

exe.dropper

https://chocolatey.org/7za.exe

Targets

- Target
  
  251593.exe
- Size
  
  386KB
- MD5
  
  8a405c527be3468739c3ae626305ea60
- SHA1
  
  6461e343fd6ee5be0a1ce80a933278a1c11c9292
- SHA256
  
  580ab691ca271c0c7779a29c3ddd882250bfd763d40c05c9d60809a087cace63
- SHA512
  
  79a4823bd6995d9d6868bed2dbdfd324a3ca7af1e1aa4696255602f20df90258e7693c0292c579aa5a8e903d0504f6edd64c06ab868c621997217d20b038ef72
Score

10^/10
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

BITS Jobs

Privilege Escalation

Defense Evasion

BITS Jobs

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2