General

  • Target

    c73aca0de369cd4add35941b558970267ae5076f71b2d4d88e5eb017b290ce95

  • Size

    672KB

  • Sample

    220701-hvbylshadj

  • MD5

    eb098a4d1233b6b5a19ecce55a93ccfd

  • SHA1

    d6701cf4de368c0d998bd011b569ec656dd3d86c

  • SHA256

    c73aca0de369cd4add35941b558970267ae5076f71b2d4d88e5eb017b290ce95

  • SHA512

    096dc49c2eecf28e71cde8a3e87bfd3fd4bfc8a98ebf6838d7db74aee6a443afe79cac93ca1e390666f8155e0e5dbcd69c23656fb168ffa333e060da6b4b084c

Score
10/10

Targets

    Score
    10/10
    • Ostap JavaScript Downloader

      Ostap is a JavaScript downloader that's been active since 2016. It's used to deliver several families, including TrickBot.

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • ostap

      Ostap is a JS downloader, used to deliver other families.
