General

  • Target

    bluemonster.bat

  • Size

    14KB

  • Sample

    240108-d565aabdh6

  • MD5

    80f77e4c60d54aeb28c2196826f2a612

  • SHA1

    424f10acbe90b1717b0d71d19c4975b83bd436f5

  • SHA256

    dec088ed0d2a443fb8fc236d6dcac5b1bcfb7c645144cb74a0f94837bfab53a2

  • SHA512

    1f336d982ba9dd597a3224014c4a7ef86f6b687ea2abd17ec8e08171d8a1018e551e24dd3dbea17bc5f06ae81e097ffcbe47c94674120d6f8097e43941649d29

  • SSDEEP

    96:2vCQigGHsiW3Ltt1L/CrSCP3Ltt5TaykKaTaqIiS:UCQigGMltt1jC2CDtt5bkTIl

Score
10/10

Malware Config

Extracted

  • Language

    ps1

  • Deobfuscated URLs (exe.dropper)

    http://clonecloneclonewhomanmale.site/run

Extracted

  • Language

    ps1

  • Deobfuscated URLs (exe.dropper)

    https://clonecloneclonewhomanmale.site/36idol.zip

Targets

    • Target

      bluemonster.bat

    Score
    10/10
    • Blocklisted process makes network request

    • Drops startup file
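The indicators the report exposes (one contact domain reached over both http and https, two dropper paths, and the sample's file hashes) turned into a small hunting script. This is an added example, not part of the sandbox report or of any tool it was produced with; the proxy log lines, their column layout and the file inventory it scans are constructed here for illustration, and the hash-matching function is generic so it can be exercised on constructed bytes as well as on the report's real hashes.

```python
import hashlib
import re
from urllib.parse import urlparse

# Indicators copied from the sandbox report above.
REPORT_URLS = [
    "http://clonecloneclonewhomanmale.site/run",
    "https://clonecloneclonewhomanmale.site/36idol.zip",
]
REPORT_HASHES = {
    "md5": "80f77e4c60d54aeb28c2196826f2a612",
    "sha1": "424f10acbe90b1717b0d71d19c4975b83bd436f5",
    "sha256": "dec088ed0d2a443fb8fc236d6dcac5b1bcfb7c645144cb74a0f94837bfab53a2",
}


def iocs_from_urls(urls):
    """Split the dropper URLs into what a log search keys on: the hostname
    (the two stages differ only in scheme, so the host is the stable part)
    and the URL paths, kept separately for exact-URL matching."""
    domains, paths = set(), set()
    for u in urls:
        p = urlparse(u)
        domains.add(p.hostname)  # urlparse already lowercases the host
        paths.add(p.path)
    return domains, paths


# Constructed proxy log (assumed layout: timestamp client method url status).
SAMPLE_PROXY_LOG = """\
2024-01-08T12:01:03Z 10.0.0.15 GET http://clonecloneclonewhomanmale.site/run 200
2024-01-08T12:01:04Z 10.0.0.15 GET https://CloneCloneCloneWhoManMale.site/36idol.zip 200
2024-01-08T12:02:10Z 10.0.0.22 GET https://example.com/index.html 200
2024-01-08T12:03:44Z 10.0.0.31 GET https://updates.example.net/run 200
"""

LOG_RE = re.compile(r"^(\S+) (\S+) (\S+) (\S+) (\d{3})$")


def scan_proxy_log(text, domains):
    """Return (client, url) for every request whose parsed hostname is an
    indicator domain. Matching on the parsed host rather than on the raw
    line means a changed scheme or mixed-case host still hits, while a
    path-only coincidence such as /run on an unrelated host does not."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip malformed lines rather than failing the whole scan
        _, client, _, url, _ = m.groups()
        host = urlparse(url).hostname
        if host and host in domains:
            hits.append((client, url))
    return hits


def hash_bytes(data):
    """Compute the three digests the report publishes for the sample."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def scan_files(inventory, known_hashes):
    """inventory maps a path to its raw bytes (constructed by the caller).
    Returns the paths whose digest equals a known hash under any algorithm,
    so a single recorded hash of whichever kind a tool keeps is enough."""
    matches = []
    for path, data in inventory.items():
        digests = hash_bytes(data)
        if any(digests.get(alg) == value for alg, value in known_hashes.items()):
            matches.append(path)
    return matches


if __name__ == "__main__":
    domains, paths = iocs_from_urls(REPORT_URLS)
    print("domains:", domains, "paths:", paths)
    for client, url in scan_proxy_log(SAMPLE_PROXY_LOG, domains):
        print("proxy hit:", client, url)
    # Constructed inventory; nothing in it matches the real sample hashes.
    print("file hits:", scan_files({"C:/tmp/x.bat": b"echo hi"}, REPORT_HASHES))
```

The "Drops startup file" signature is the reason the file scan is worth running over user startup folders as well as download directories; the hashes match only this exact 14KB batch file, so the domain match is the indicator that survives a re-packed sample.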

MITRE ATT&CK Enterprise v15

Tasks