46052db60a2b08b55f05034b7b9d9635349119fe3d70f6fe7b8eb23611b97708 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

46052db60a2b08b55f05034b7b9d9635349119fe3d70f6fe7b8eb23611b97708
Size

294KB
Sample

220921-engnqsaeen
MD5

ce622d13f25096c53cdac31825060162
SHA1

badade418fc6c9029b630e999f9c0ddfef16641e
SHA256

46052db60a2b08b55f05034b7b9d9635349119fe3d70f6fe7b8eb23611b97708
SHA512

3b321544c3076aa64579d9588f93a4affaa9f74d2ca386b66ad664384e5670391aaab0877b6f5639e43778908a62152b67d5b9ab3b0481615d27e59b2926ac20
SSDEEP

6144:PIIcrXQ4S33w614mazUBHfSdocWYD24IT+tcWnE:JcrNS33L10QdrXZT+tcWnE

Score

8^/10

Malware Config

Targets

- Target
  
  46052db60a2b08b55f05034b7b9d9635349119fe3d70f6fe7b8eb23611b97708
- Size
  
  294KB
- MD5
  
  ce622d13f25096c53cdac31825060162
- SHA1
  
  badade418fc6c9029b630e999f9c0ddfef16641e
- SHA256
  
  46052db60a2b08b55f05034b7b9d9635349119fe3d70f6fe7b8eb23611b97708
- SHA512
  
  3b321544c3076aa64579d9588f93a4affaa9f74d2ca386b66ad664384e5670391aaab0877b6f5639e43778908a62152b67d5b9ab3b0481615d27e59b2926ac20
- SSDEEP
  
  6144:PIIcrXQ4S33w614mazUBHfSdocWYD24IT+tcWnE:JcrNS33L10QdrXZT+tcWnE
Score

8^/10
- Blocklisted process makes network request
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2