Overview

overview

10

Static

static

1

009054199.wsf

windows7-x64

10

009054199.wsf

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    009054199.wsf

  • Size

    61KB

  • Sample

    230525-qhegzaah5s

  • MD5

    172d7af10f8d7ca716ca35db1a653458

  • SHA1

    ae4f766c729ace797843386a38e43c6c4a654b14

  • SHA256

    c13610b0fc89ae7ce98f9897a6d36f18128d22fe42b7487b4bd8e7c45182f577

  • SHA512

    8315889b3853b78a773f5247ab277d5520a50728b992cd8ce131838d91aac36df84c8b3faa22309b7b2b261df5a3a3cafcee7c93a50c3b0f26703872b1dc7186

  • SSDEEP

    1536:YaB5xvAkjSmRSZFysHVYlDC6jIoqMFAjVwQi3QiJ9:j5zSSsSlDCboTAq

Score
10/10

Malware Config

Targets

    • Target

      009054199.wsf

    • Size

      61KB

    • MD5

      172d7af10f8d7ca716ca35db1a653458

    • SHA1

      ae4f766c729ace797843386a38e43c6c4a654b14

    • SHA256

      c13610b0fc89ae7ce98f9897a6d36f18128d22fe42b7487b4bd8e7c45182f577

    • SHA512

      8315889b3853b78a773f5247ab277d5520a50728b992cd8ce131838d91aac36df84c8b3faa22309b7b2b261df5a3a3cafcee7c93a50c3b0f26703872b1dc7186

    • SSDEEP

      1536:YaB5xvAkjSmRSZFysHVYlDC6jIoqMFAjVwQi3QiJ9:j5zSSsSlDCboTAq

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks