Resubmissions

21/07/2023, 04:08

230721-eqhzksbh87 10

20/07/2023, 11:54

230720-n2xrjsgh6x 10

General

  • Target

    1907.zip

  • Size

    2.1MB

  • Sample

    230721-eqhzksbh87

  • MD5

    7d89fee6e4533724bb9cca107266594c

  • SHA1

    3f3c711f5e0d8f83b192f1ac477663996244fc82

  • SHA256

    bb47465a7fce534905ffcecd45e01439e75e2057f62b7026fc526cf3dd93899b

  • SHA512

    c6fe2704041aaff237a2203074a9667769240b599ade910cadfa3c7ff80d0ff4ce565193fa7d44bf1454b7d49a1c3bee9164f491fea64ad9083db8bf4636d2aa

  • SSDEEP

    49152:zadcHZ2vRMmi9+s9vVaQj17Q2bqfekSVpKAyWgpfZ4rEna3DQDdlVe5PWZ5FvcB+:+d4YvRDi9+sXbWmkSblaardDUdbAP+U+

Score
10/10

Malware Config

Targets

    • Target

      client32.exe

    • Size

      99KB

    • MD5

      f70b67c2b3204b7ddd8b755799cccff0

    • SHA1

      a42e55e328d62d11e687c167bb7049d46f0f9b26

    • SHA256

      213af995d4142854b81af3cf73dee7ffe9d8ad6e84fda6386029101dbf3df897

    • SHA512

      54fcba8a063bfbaae4c3a39624bf3407db6af5699ab8686f936ab03c5864df7a44d089066fa2d4aedf5ad50d6b04624966a5111bf57bec1dda74a571f1dd7c63

    • SSDEEP

      384:qUjV5+6j6Qa86Fkv2Wr120hZIq6nYPL7NheMxnB1:qgVZl6FhWr80/h6EN/

    Score
    10/10
    • NetSupport

      NetSupport is a remote access tool sold as a legitimate system administration software.

    • Target

      remcmdstub.exe

    • Size

      58KB

    • MD5

      ba2a1815e16b357eeff23b8394457aa5

    • SHA1

      2492e2393cdaed5678ea0a573c50d06ec5f191f4

    • SHA256

      e14c3224215ea91587e96b995861e8966166dfc08ab4d409bd729770815b3b81

    • SHA512

      d505a1a17c44a96e74f94238b3623d7e6064b8c94007f2d94d6626eeee3ba75db92e569bc864c90096eabf61a0cd68ae690461b43b6e429b4deda1b44e18ba41

    • SSDEEP

      1536:Wf6nvXuNcAjJMBUHYBlXU1wT2JFqyuAQYPT:g6nPcjJ4U4I1jFqyuHuT

    Score
    1/10

MITRE ATT&CK Matrix

Tasks