86aa53504fbdf4a6ff106b3da50bc90336d47cfe24ad167adb66f56100654b7f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

86AA53504FBDF4A6FF106B3DA50BC90336D47CFE24AD167ADB66F56100654B7F
Size

1.2MB
Sample

230518-cc9t2agb3z
MD5

6220a64966b455358abc5c2fe2459184
SHA1

67cb5fcb271e6e785daf496ffff93115e750dcb5
SHA256

86aa53504fbdf4a6ff106b3da50bc90336d47cfe24ad167adb66f56100654b7f
SHA512

d7ea32d6fa0f96ea3428f9804705d52d1245388149a6dc62ec45e1b34408299f7dc5a8c8afa21a6a646c6bcb1fbe6c95890fb7e7d4f9316591bbd913dd4280e5
SSDEEP

192:HVb2bfQs2ulJ4mmCv2wm1SRi2q1zldbIQPn:sb4s2dmb2wWuLOLbI4

Score

10^/10

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

ps1.dropper

https://zvejurumai.lt/MiG41.txt

Targets

- Target
  
  20230413.CHM
- Size
  
  14KB
- MD5
  
  8d723c4b123b94360c141c21f9446b5f
- SHA1
  
  939a545e78af73b723450225bce88d61fd1c2e04
- SHA256
  
  463a4039e9d4b663f0ea4f767def00efd8fc987260db9900ee81394010558be5
- SHA512
  
  a00bccbb91571888fc3667541ed65eca7786c0167c31589c88ae0a756a491daa83fba26a55b7ecbcecb921110aec1620e241026de0c928a4c56790d2d8a2a864
- SSDEEP
  
  192:FbfQs2ulJ4mmCv2wm1SRi2q1zldbIQPn:Fb4s2dmb2wWuLOLbI4
Score

10^/10
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2