4ec6f89771268df9fa94f93179bac128d9bc7bb07359f9006edd721b1f604c96 | Triage

Sharing

General

Target

51b5981d103474df2b15ca093f5add7d.bin
Size

7KB
Sample

231008-bwgrxshc8x
MD5

5ed0ab7c0199754d0c74f2c8cd054e98
SHA1

f63578f5ea3cf581c4717ef38689c6f8029f4f02
SHA256

4ec6f89771268df9fa94f93179bac128d9bc7bb07359f9006edd721b1f604c96
SHA512

8951c6ea9b253d7bf9c4c0528db2bc4bec7beb144604b3553e9abb4808a90daab059b4e117a97b147a71f210550ea2de34814027067a14dddb72d15c282eb4b5
SSDEEP

192:BdVij1YEfJcVKGCqHDCMiWIOjs4STG7GpDMcS6H7W8mTws+:BdVqYEfJjaOkvjsdTth26H7W8q7+

Score

10^/10

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

ps1.dropper

https://tijunaitiene.lt/x99.txt

Targets

- Target
  
  QJA_2023.05-22_Q_16-25.chm
- Size
  
  11KB
- MD5
  
  5f36f1a3b78d286033a6dac8340446ee
- SHA1
  
  6659d0703128dc55bd9776f3fd909f301650ae10
- SHA256
  
  0a7186e481d3a29e2ff9b60e937e389ea0d2a69aa513f1fb2d66a000601482fb
- SHA512
  
  57b734d05a665996258885e4d7a3171e70b30195f65ada04e4487995dc1968266bff8b0f9931750e2894650e0fda98d4c879b21df0fed7aaf046512631f1c825
- SSDEEP
  
  96:APcU9sWLZI1rqc4MTz9XTeNq73QNQyd2HyNLqxOb4:APJ9O2M39XQqDIQuOy
Score

10^/10
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2