Resubmissions

  • 13-12-2023 16:00
    231213-tfqc8sgdh6 (score 10/10)

  • 13-12-2023 15:46
    231213-s7452agch8 (score 10/10)

General

  • Target

    13570747373.zip

  • Size

    1.6MB

  • Sample

    231213-s7452agch8

  • MD5

    ef1a6c269b9eff080f2f209e311c6f0f

  • SHA1

    f5516c2ed7ec18af23b2dba997910590ef2b78c5

  • SHA256

    df9018383b6488d0c89bbf7063bd1143877ec6f99abf55b1c6846457baa7e080

  • SHA512

    f0cfadb02fea82a2ddfaa37ffa5c6d14d4ef8c82cd2517aa9ff1694342e418ae3c92f460b64ee13af73f48f8c560b1befa32cabf4547690715a13250614e0b7c

  • SSDEEP

    49152:PBeg5WtK7lN8ZG/chKeo6kDRddx28yJADSKwGDZAyN:ZeSDgKnRPx28eADSKwGDZP

Score
10/10

Malware Config

Targets

    • Target

      08c11a4d6f275b0a5b57871c8d02097ec77019215ef66fb4e73dc7c29cf6833c

    • Size

      3.9MB

    • MD5

      37130df0dc6057afaf677c2907eebdb4

    • SHA1

      75caff36d1115049d605f91a651bf0f8479118cc

    • SHA256

      08c11a4d6f275b0a5b57871c8d02097ec77019215ef66fb4e73dc7c29cf6833c

    • SHA512

      357185b2e36508485329a13792a9741ea5040db09b482e6ce10a67581f982883df79b0367a53bb8fcc2574fcdf2dddb97ced0303dfd72a1ee670182bf8001274

    • SSDEEP

      49152:WYS35HobXrb/TavO90dL3BmAFd4A64nsfJoJLNXdCVpo/MFKQm8cjdFiMLz4zy4y:WYCobCJZ0S5Qmxvl4fEwe8xj/E

    Score
    10/10

    • TA505

      Cybercrime group active since 2015, responsible for families like Dridex and Locky.

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2
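A practitioner working from this report usually wants two things before going further: to confirm that a local copy of 13570747373.zip is the file that was analysed, and to reproduce the "MZ/PE file" check on whatever the archive contains. The Python script below is an added example, not code from the report or from the sandbox vendor. It hashes each ZIP member with the same digest algorithms the report lists (ssdeep excluded, since it needs a third-party module), flags members that carry a real PE header (not just the two-byte "MZ" magic), and looks each SHA256 up in the report's two IOC values. The ZIP and its members are constructed inline, so nothing here will match the report's hashes; the `MAX_MEMBER_SIZE` guard and all function names are my own assumptions.

```python
"""Hash every member of a submitted ZIP, flag PE files, and compare the
digests with the IOCs listed in a sandbox report.

Added example, not the sandbox vendor's code. The ZIP and its members are
constructed inline; only the SHA256 values in REPORT_IOCS come from the
report above.
"""
import hashlib
import io
import struct
import zipfile

# SHA256 values taken from the report above (outer ZIP and dropped PE).
REPORT_IOCS = {
    "df9018383b6488d0c89bbf7063bd1143877ec6f99abf55b1c6846457baa7e080": "13570747373.zip",
    "08c11a4d6f275b0a5b57871c8d02097ec77019215ef66fb4e73dc7c29cf6833c": "dropped PE (3.9MB)",
}

# Assumed limit: refuse to inflate any member whose claimed size exceeds this
# (a cheap guard against zip bombs when triaging untrusted archives).
MAX_MEMBER_SIZE = 64 * 1024 * 1024


def hash_bytes(data: bytes) -> dict:
    """Return the digest set the report lists, minus ssdeep (the fuzzy hash
    needs the third-party `ssdeep` module and is not computed here)."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def is_pe(data: bytes) -> bool:
    """Structural check behind an 'MZ/PE file' signature: DOS magic 'MZ',
    e_lfanew at offset 0x3C, and the 'PE\\0\\0' signature where it points.
    Checking only the 'MZ' bytes would also flag plain DOS stubs and junk."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if e_lfanew + 4 > len(data):
        return False
    return data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"


def triage_zip(zip_bytes: bytes) -> list:
    """Hash each archive member and report PE status and any IOC match."""
    results = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            if info.file_size > MAX_MEMBER_SIZE:  # claimed uncompressed size
                results.append({"name": info.filename, "skipped": "too large"})
                continue
            data = zf.read(info)
            digests = hash_bytes(data)
            results.append({
                "name": info.filename,
                "size": len(data),
                "is_pe": is_pe(data),
                "ioc": REPORT_IOCS.get(digests["sha256"]),  # None if unknown
                **digests,
            })
    return results


def build_sample_zip() -> bytes:
    """Constructed input: a minimal PE-shaped file plus a harmless text file."""
    pe = (b"MZ" + b"\x00" * (0x3C - 2)          # DOS header up to e_lfanew
          + struct.pack("<I", 0x40)             # e_lfanew -> offset 0x40
          + b"PE\x00\x00" + b"\x00" * 64)       # PE signature and padding
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("payload.exe", pe)
        zf.writestr("readme.txt", b"not a PE")
    return buf.getvalue()


if __name__ == "__main__":
    for entry in triage_zip(build_sample_zip()):
        print(entry)
```

To verify a real copy of the sample, pass the downloaded bytes to `hash_bytes` and compare against the report's MD5/SHA1/SHA256/SHA512; a match on SHA256 alone is sufficient, the weaker digests are listed only because older IOC feeds still key on them. Keep the size guard: a "Downloads MZ/PE file" stage is exactly where an inflated inner payload is common.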

MITRE ATT&CK Enterprise v15

Tasks