General

  • Target

    040a487c4979499fe33688461f29a019

  • Size

    125KB

  • Sample

    231225-efyx2sebf7

  • MD5

    040a487c4979499fe33688461f29a019

  • SHA1

    1113ec09f09a278b1328b238d62e010130b94574

  • SHA256

    8ded33683b8fd9325d921b41f87f7a1dfe1f1a6254b4eee7bf6722ba41627d59

  • SHA512

    f1b36ced5caf634c038e869941f4470fe287f461bd8639c64a90a54b69a345b48707981d9e14b23606990d700825aab9625323d8a9cfc34a198b05afe15b82ab

  • SSDEEP

    1536:DOOOpOnN/FmYqVEWzENr4xE3wVbrzQ7ITkR62lRoX8ScJtXwRFM2M/MxIy:zRcy46AVbrzQ7ITk9AshJtXwk5kmy

Score
10/10

Targets

    • Target

      040a487c4979499fe33688461f29a019

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Suspicious Office macro

      The Office document contains Excel 4.0 (XLM) macros.

    • Deletes itself
