0b3c6ac01fd57147dfafa6ec81a86243381915ff8331f757976e53c8a36e8007 | Triage

Sharing

General

Target

Draft_Term_Sheet_pdf.js
Size

292KB
Sample

230817-1n5apafd4t
MD5

c22304c36cdd7751f0cd967b23fda1fc
SHA1

11b57fbd5e52c4b9d7f62c5ca63fea2bc607a8c8
SHA256

0b3c6ac01fd57147dfafa6ec81a86243381915ff8331f757976e53c8a36e8007
SHA512

0a97e1ebe6d51c8249845cdaffd35240c700354fe5e3607e9adc94a2a6e2efd0f0900bf77dfd68466cda187adaf94a9055d02fb6b2d30e87e189fcc54c0ad5db
SSDEEP

6144:K3RTbBRVDokMlmuV1plXC2wTy6rS9LMB+pwagSKqRM1FpStzMJtlmUV1pO82UKTr:K3RTU

Score

8^/10

Malware Config

Targets

- Target
  
  Draft_Term_Sheet_pdf.js
- Size
  
  292KB
- MD5
  
  c22304c36cdd7751f0cd967b23fda1fc
- SHA1
  
  11b57fbd5e52c4b9d7f62c5ca63fea2bc607a8c8
- SHA256
  
  0b3c6ac01fd57147dfafa6ec81a86243381915ff8331f757976e53c8a36e8007
- SHA512
  
  0a97e1ebe6d51c8249845cdaffd35240c700354fe5e3607e9adc94a2a6e2efd0f0900bf77dfd68466cda187adaf94a9055d02fb6b2d30e87e189fcc54c0ad5db
- SSDEEP
  
  6144:K3RTbBRVDokMlmuV1plXC2wTy6rS9LMB+pwagSKqRM1FpStzMJtlmUV1pO82UKTr:K3RTU
Score

8^/10
- Blocklisted process makes network request
- Deletes itself
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2