Overview

overview

10

Static

static

1

Claim_C736.wsf

windows7-x64

10

Claim_C736.wsf

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    2424e7c6af1a2c04359829a921e0202a.bin

  • Size

    24KB

  • Sample

    230526-bc9nladb43

  • MD5

    c0583f5574b5434e6aa00747fc7fb5ae

  • SHA1

    1fa1a9dda7a55217252d941537c0f873208f96df

  • SHA256

    ea4541881007953039268e1ca2263647632bb8fb5c08164b180d1883e740e150

  • SHA512

    477642839eed594b6a849b687013e7b573895597ecd27fe381396b01d77f95064ffa6d406f78809310a410448662fb2854a3c4ae99941a417a0c43cb51ccca9c

  • SSDEEP

    384:EoWf3itaZT4HwUYKnLY8xq804PdfVsA8xixULrKpcB3vc1KYDwXVgiAT9O51HOP:EoW6fHwUYKLYN/asAGiGLrN01Hisony

Score
10/10

Malware Config

Targets

    • Target

      Claim_C736.wsf

    • Size

      60KB

    • MD5

      ab56f73616cb46052b1216a5215a0b04

    • SHA1

      a8a47d321dbd6b768d1d4dab7480ac6b947c1600

    • SHA256

      21655aa8370b5541fbaebb6b02da5eb294eaf82066ab42889b8df15a709fb5c3

    • SHA512

      378b54053f6e0fea6205952920a281b2769e7ad135c8b933f34a845511312277734afe940f1210b8e009cc1e2ebbda8de191ac53f3d1c1d75ef45241fb6887bd

    • SSDEEP

      1536:vVqqMgLjJvyKjIXHWmmm/g3ueag8WSZT5xMJ1ZOv1Ic6:Aux0X/bg3Xag/SZNxMJ1ZOv1It

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks