6c23cb875ddf2f1a659b422909bce3aefecc1bccb51baf3e35115aea4276ea22 | Triage

Sharing

General

Target

spTR.exe
Size

4.4MB
Sample

230504-wl132aga9s
MD5

9ccf9044e1aa57b7461a1a10d7f341e3
SHA1

a613d387882a78f3a28e0a1aab94cfa74106768c
SHA256

6c23cb875ddf2f1a659b422909bce3aefecc1bccb51baf3e35115aea4276ea22
SHA512

59bca4de3e507c200d8999f064ff551ae4ae63812383fcfa216b336d928dc29fb53ebbf3c706d17cbdae65c68ac43abedd42790aa627f5cc4105346bb5689ff1
SSDEEP

49152:FZhHCH5CMHp16zQRhHFMHAF4gXe1FEHqljMuFx+ykcIU6QTNh5ojYXj3:ThiZl2UWjgXekmMuFx+NckBjSj3

Score

10^/10

Malware Config

Extracted

Language

ps1

Source

URLs

exe.dropper

https://cdn.discordapp.com/attachments/1082158236297351201/1101510061307732048/string93.err

Targets

- Target
  
  spTR.exe
- Size
  
  4.4MB
- MD5
  
  9ccf9044e1aa57b7461a1a10d7f341e3
- SHA1
  
  a613d387882a78f3a28e0a1aab94cfa74106768c
- SHA256
  
  6c23cb875ddf2f1a659b422909bce3aefecc1bccb51baf3e35115aea4276ea22
- SHA512
  
  59bca4de3e507c200d8999f064ff551ae4ae63812383fcfa216b336d928dc29fb53ebbf3c706d17cbdae65c68ac43abedd42790aa627f5cc4105346bb5689ff1
- SSDEEP
  
  49152:FZhHCH5CMHp16zQRhHFMHAF4gXe1FEHqljMuFx+ykcIU6QTNh5ojYXj3:ThiZl2UWjgXekmMuFx+NckBjSj3
Score

10^/10
- Blocklisted process makes network request
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1