General

  • Target

    malware.zip

  • Size

    43KB

  • Sample

    231016-kfsc6ach5t

  • MD5

    c05b55f0915696e99e139ad2ff0c8eea

  • SHA1

    000857d73861283af438e941092ac6bfce5c5b71

  • SHA256

    5701be65acd1c28d5717b321cbddb2201ab1dda3d14aff5c243545a6b103c741

  • SHA512

    c68bc3f3b63c49d3ed38ec68523ed9c2ce34c715511c285ae76c2c104a421afaba7d001c3d1034070ad35c238ee165a15d77214006c9193acdf616cdb614a98d

  • SSDEEP

    768:Sb3yVm4lC1t9/ykD6hLkSYlhBcqtomKHGae2mdmbK2vojDUN+okIZ7:qyVmmIt9qklSYL9KVe2mAjvAU+ok27

Score
10/10

Targets

    • Target

      Secret file.one

    • Size

      110KB

    • MD5

      26b4d42c06d62a861b0e49b155ebcd42

    • SHA1

      172568a21af09efdd2f53cedb9c023f3a991e3d1

    • SHA256

      03aaa5cf2d06fcec56ddb11ce794ce6c76026bb50e16753f18ef8f292f0d4f61

    • SHA512

      29955ce328000de4052466061f8ac82b4ebeafd0aae50ad3178d22ded5200aa4c6cf9e2a1ff63063a1a010f6ce5f72c7fda7c528050e220871eb7c8e62547c81

    • SSDEEP

      1536:fMYjcUdbi5I8FSzTWNec7TJ8epJ9HnXxqv2hv00wh6LRDG:JjcMbiGBiPpnhquhc0wgLRDG

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request
