General

  • Target: files.zip
  • Size: 81KB
  • Sample: 230123-yjhj1sgg4y
  • MD5: 264b394dd8434051d03fbe208f2e3148
  • SHA1: 0f80a60ac2fe9e4700845fbd5a25fdab94881389
  • SHA256: dcf623540207c96fa559e8851828ef277f6bf82f5025fafd6eeac33ed166e10d
  • SHA512: 48f3bcb2813755f11f41de62a9cd6553edfad3a5f4dc2dafd0ac11ae8c9eaf02440c49776ef549fc29ccdc95514354d811ea121117724585b62c4d09d4381729
  • SSDEEP: 1536:5Xw3n3P+VPMILH6TxF2fcgp0NDuUOyaRm5h+BRGq1PCfuaQMgQFf:5XwvY6Txvgpg6UOwh+Sq5iuaLFf

Score
10/10

Malware Config

Targets

    • Target: 1c220cdc.dat
    • Size: 110KB
    • MD5: 0993776328ea1684833f09868032549c
    • SHA1: ed7779094d6dce79be2252807e28c59aec8590b3
    • SHA256: caaea7ec83956a823420a78dec430fddb5db65d9fa4bc6555659b9b0c05c817a
    • SHA512: 19f83a1718e3330e9fb0bbd61b6c21e569740d7cd22d3c2a600d9a717feaa663297d777e526dbc9c4d02beb6c3c5e12bd417058bf7995798a5c61350e5c35502
    • SSDEEP: 3072:0LJ0tYRDh8zCTFGMCcKh0ff87FhtHW43tNncyIEyNlO:0LGtkl8zCTFGM1QA07btHW4TcjTvO

    Score
    1/10

    • Target: run.bat
    • Size: 28B
    • MD5: 4a79fe5d9105ae3a9d6a24941b11c78f
    • SHA1: 9ecd4402124806303d981974950c7eb7c531e78f
    • SHA256: 40595e4203fe1f84ee705ebf1b9220bd2815567fce7f1644e8748ff35681ecfd
    • SHA512: 6aef34040fa19971d67d1e7b042319ec072075022fb5aaa4419d76b9ad79992178a5bde564a3b6b7c522b018d0f2c6eb06ce35fe4f006c253246bf025708aed8

    Score
    10/10

    • TA505

      Cybercrime group active since 2015, responsible for families like Dridex and Locky.

    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and similar profile contents.

MITRE ATT&CK Enterprise v6

Tasks