feaf57c2993c580aa9d23610268ca0d88a7ca2f2294e54e11d95efb50a0858bc | Triage

Sharing

General

Target

feaf57c2993c580aa9d23610268ca0d88a7ca2f2294e54e11d95efb50a0858bc.exe
Size

6KB
Sample

230807-pkhfzafb95
MD5

77421b1f90fc1e9247f693e857e8c429
SHA1

63c26635980d5a185a24d1be79c877a1e8507133
SHA256

feaf57c2993c580aa9d23610268ca0d88a7ca2f2294e54e11d95efb50a0858bc
SHA512

0bb90e930e0856504631a95792175a149b8565a9acbfdbe68a74e13573e00f1eb433b3c73439523e670b3b66559619c3c85efce9881544f0381afc88e3e8b095
SSDEEP

96:1jYUzP8hRH7AKjC2LcS14bqxqsmthY2VxEzNt:Fz8hRb1CNSGJsmjYSu

Score

10^/10

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

ps1.dropper

https://a.top4top.net/p_814sg63b2.jpg

Targets

- Target
  
  feaf57c2993c580aa9d23610268ca0d88a7ca2f2294e54e11d95efb50a0858bc.exe
- Size
  
  6KB
- MD5
  
  77421b1f90fc1e9247f693e857e8c429
- SHA1
  
  63c26635980d5a185a24d1be79c877a1e8507133
- SHA256
  
  feaf57c2993c580aa9d23610268ca0d88a7ca2f2294e54e11d95efb50a0858bc
- SHA512
  
  0bb90e930e0856504631a95792175a149b8565a9acbfdbe68a74e13573e00f1eb433b3c73439523e670b3b66559619c3c85efce9881544f0381afc88e3e8b095
- SSDEEP
  
  96:1jYUzP8hRH7AKjC2LcS14bqxqsmthY2VxEzNt:Fz8hRb1CNSGJsmjYSu
Score

10^/10
- Blocklisted process makes network request
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2