ee1d22288302c18f566cf3e4ef411cdc31c0d366382c4d7f359dd6b99d3cdd27 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

Fac_MX_2408.cmd

windows7-x64

8

Fac_MX_2408.cmd

windows10-2004-x64

Sharing

General

Target

7h0iKIMCwY9WbPPk70Ec3DHA02Y4LE1-NZ3WuZ083Sc.bin
Size

118KB
Sample

230825-gxn6aabb91
MD5

4e6516395ff867e37be57f61383320fb
SHA1

85a0a0f6219388cc39a9212e9964ffb9252dcfc9
SHA256

ee1d22288302c18f566cf3e4ef411cdc31c0d366382c4d7f359dd6b99d3cdd27
SHA512

c8f4808ab6720266774b021aecff014b582e84e9f4a4a84c3282adcc272eecd867d1f4baf55237c8746fe2b3e38d1c7dc8c9d60533fe4c6b69d0384ca27529e1
SSDEEP

3072:8ifrrky9mhTTiZrqleftQHMqfxE/ZbQs8m3C5S/:8if3kKmhTT1leftQHrxAQs8m3J

Score

8^/10

Static task

static1

Behavioral task

behavioral1

Sample

Fac_MX_2408.cmd

Resource

win7-20230712-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

Fac_MX_2408.cmd

Resource

win10v2004-20230703-en

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  Fac_MX_2408.cmd
- Size
  
  881B
- MD5
  
  fcd11a959a91f83b1f8da6ab74d70c3d
- SHA1
  
  e448c89e46bb2051929d65529360ff32be8bc2ab
- SHA256
  
  ae5aaa8156075d332692cd5e33918794be258be995d3e49f0c598dc733f3047f
- SHA512
  
  a39cff77f5b5761bca72a7496ffcc92c00845dbbed20db8f2810fbc5535b6b8ffc441d61464656cb0c1d29155da522da896cf5d5808f3275b015607da41b5c06
Score

8^/10
- Blocklisted process makes network request
- Deletes itself
- Drops startup file
- Legitimate hosting services abused for malware hosting/C2
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy