General

  • Target

    Claim_A650.wsf

  • Size

    75KB

  • Sample

    230525-pxw5wsab54

  • MD5

    b03fea25ae557aa8911e7784262806ed

  • SHA1

    ec16cf2b88abb42dd92b1344498161c25a2a18db

  • SHA256

    aa11cb5fe4d422867bcc83734380ba17e2fda100f76ad006cb388d19766c85eb

  • SHA512

    393b2aa6fc45b12a07b131e63ad3dcca5d9fc4fb0e4f70a13c20a52003e5d49a97af370cfe4475db5acad0a4907f4e3390c94d29c1e481afdf971ae3548a09fc

  • SSDEEP

    1536:RaBhLmtZP5UJm9+FWbS8PavlDhQGjI+UO/k4VoE:ehQ5kFiPavlDyP+UN4VoE

Score
10/10

Targets

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request
