5071b54669bb1e88422c6c340204b0b3a0ffd07e2ac1d747ccbd1447abc92948 | Triage

Sharing

General

Target

nircmd.zip
Size

120KB
Sample

231029-sysqmsab24
MD5

f5cf4d2f919e961a8d06b882bd500e3d
SHA1

8e9b44225ec92b5baa546c6f63e6e5646afea723
SHA256

5071b54669bb1e88422c6c340204b0b3a0ffd07e2ac1d747ccbd1447abc92948
SHA512

10ec088fd7a7681e12a5f5f16c857fd9d3c3f18fb9c8463c0433edb4410f0a9ac31ab978b9796badd79c835fce67c81c539fa9a37d0a046a90ee9f229c201e51
SSDEEP

3072:P2Ex/3ZNNSFCTwEYBE0M5lgN+bZTJfczgALvg4xqOLbvPU:OEx/3LPTwE8EL4WZ1f2rbdqqbvPU

Score

10^/10

upx

Malware Config

Targets

- Target
  
  nircmd.zip
- Size
  
  120KB
- MD5
  
  f5cf4d2f919e961a8d06b882bd500e3d
- SHA1
  
  8e9b44225ec92b5baa546c6f63e6e5646afea723
- SHA256
  
  5071b54669bb1e88422c6c340204b0b3a0ffd07e2ac1d747ccbd1447abc92948
- SHA512
  
  10ec088fd7a7681e12a5f5f16c857fd9d3c3f18fb9c8463c0433edb4410f0a9ac31ab978b9796badd79c835fce67c81c539fa9a37d0a046a90ee9f229c201e51
- SSDEEP
  
  3072:P2Ex/3ZNNSFCTwEYBE0M5lgN+bZTJfczgALvg4xqOLbvPU:OEx/3LPTwE8EL4WZ1f2rbdqqbvPU
Score

1^/10
behavioral1 behavioral2
- Target
  
  NirCmd.chm
- Size
  
  45KB
- MD5
  
  4e796f81fc6f1078c08e93d006d24e7a
- SHA1
  
  012fb4e3c3ad1d6319f2f297a907dcaa8bbac351
- SHA256
  
  95236b65b79287ea0ff9eed030297d71668f2700b3f3d41cf135db96db9d0dad
- SHA512
  
  36e756d626f2c5b926e60e344c556c9abeac832b4b78996bbbbe23dd9dd4820f1c91b038e684c2031029492c67ec75d810485381e9efe5afb54b6b9bcaf9852f
- SSDEEP
  
  768:tSoC5Dc9JOMw/ZanSKH8MUi8X83NxExx4mPNGzvzKSK7o5eKDWmyx1:tSoMDc9JZfnSQ8XoxqJPMzvZsAvyx1
Score

1^/10
behavioral3 behavioral4
- Target
  
  nircmd.exe
- Size
  
  44KB
- MD5
  
  a1cd6a64e8f8ad5d4b6c07dc4113c7ec
- SHA1
  
  60e2f48a51c061bba72a08f34be781354f87aa49
- SHA256
  
  b994ae5cbfb5ad308656e9a8bf7a4a866fdeb9e23699f89f048d7f92e6bb8577
- SHA512
  
  87a42901a63793653d49f1c6d410a429cabb470b4c340c4553cbd9eccacb38d8543f85455465e0a432d737e950c590175dad744094861f7c3e575446a65b41e8
- SSDEEP
  
  768:UDR7drWxRrYJAgERvFAREX5DyzaccyOkVDIBF9K/phcanwUaajMIWCW2jsV:2A3cJAgmSRC5DcLxIBLGwUgIW2sV
Score

9^/10

upx
- Nirsoft
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral5 behavioral6
- Target
  
  out.upx
- Size
  
  87KB
- MD5
  
  ad0725498c4c1145a9b779bd5f2d643c
- SHA1
  
  d7e877b823c9b081651d26222b36cb22a73fcfee
- SHA256
  
  e9e4118a3c2d306018f33ebcd8faedcb5fa1ed4a5f8e9eb80386035ae7fa718d
- SHA512
  
  e35b50d3eed3bd8dcb4050f792208a6fa4ed2ed6eb37773b94de754d11a4b0f5bbdc15d0f0b068714046bd9b3d474ea7d9a4d3f0f32c6d233a78b8efb0b18871
- SSDEEP
  
  1536:tAIgctwzYOwZfEiCBPrXb8g/r+3AnWI0Xd/CkUthc0bZzHwXFZV:tAWwzHCsiCBPrXb8g/r+3AWI0BCkUtnU
Score

1^/10
behavioral7 behavioral8
- Target
  
  nircmdc.exe
- Size
  
  43KB
- MD5
  
  0e69b6bd18e064c83a11b48495c1b01e
- SHA1
  
  21c4cc08d3600c564bd0d04c8553e59f564bfff4
- SHA256
  
  67e0d635825cbf7cc213670f671544da9ff18047742dd4a0696a508b79eef607
- SHA512
  
  e7c9b9209359183ade3502ad9c8807b7948d38fd0ef883655decef2e5f212be646a0e3fd93b51988595511b979c669dee8f9f2a3ba90a4b0cecf0423ff2d3f51
- SSDEEP
  
  768:UF24SNifq4YWc5uEvW7KrQaFzs4C9B18sEufqnYIG0y8XmEsYR2fWIrKiSU:UMNG9c5jfQ8XoB18FufVIG092lWAKiSU
Score

9^/10

upx
- Nirsoft
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral10 behavioral9
- Target
  
  out.upx
- Size
  
  85KB
- MD5
  
  43545d9de1955f428bb1325cc3dc6516
- SHA1
  
  35a57840775bcda17231c22a18cb966f65cfb934
- SHA256
  
  55d82c5a903f17537f0260ab7be7aa35d473c376b20d5d0079fdb73ab96341ce
- SHA512
  
  79f63be4f754fc685b2d26ad67a80bc674fcf94ffdb44fc2a6e5510f13f5677968c4123c340f92cf01b44a903483502ca8eb2c9ae11166158150c170feac0161
- SSDEEP
  
  1536:yNw7rlugfapqdfLi44Ga1goSc38+1jJKQwwNzrAH7HwXFjU:yKu28ufLi44Ga1gRcs+TQw9+HwXFjU
Score

1^/10
behavioral11 behavioral12

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12