General

  • Target

    a480fc1da825bcf31404cbad1b256402

  • Size

    129KB

  • Sample

    240225-y3lqsabc35

  • MD5

    a480fc1da825bcf31404cbad1b256402

  • SHA1

    57a26e83939905e82f01292052da077fd6d4ef8e

  • SHA256

    5b3340bd81ec30ef4a67d549297fc21e57cd61afd821adda49f0958839c3b352

  • SHA512

    46f62f65b11acf08f0cb8608ddcfeca0f0dcf578c1e0facc822f6d8a1af31c861e36ebc484a47fdcc3e3069d857a336ad46ba2b26bc4f42a0c23fd3f6a079717

  • SSDEEP

    3072:CMsPK6wSIUvfhfGOeJoBWVbrzQ7IdAkTs9ww33XjUJtXwIq:TeVGOeO33Xu

Score
10/10

Targets

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    • Process spawned suspicious child process

      This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.
