bca24ca531f79c88f1af10abe7c03ae88fb55de5f83ab1855f2eb4c96141cc64 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c91031e6049c7943420751e578fdd25b
Size

3.0MB
Sample

240314-tszgnsag73
MD5

c91031e6049c7943420751e578fdd25b
SHA1

3b04514f1a19fda8f81f58f2987d9897298fb267
SHA256

bca24ca531f79c88f1af10abe7c03ae88fb55de5f83ab1855f2eb4c96141cc64
SHA512

3983f02f931330fb884d930c8530a62d6fff2f2ca6ec8cb84223f0cb2ad957ed873d690873b51bd447d2a2d12aedfd28240384d0da51f66c4c0a56046293e224
SSDEEP

98304:mH0hQpsvXeoLaQKUhGnjdj/Ok1nZNK1ViZZoa:mHYV2om5UhGV/OkvNMVgoa

Score

8^/10

Malware Config

Targets

- Target
  
  c91031e6049c7943420751e578fdd25b
- Size
  
  3.0MB
- MD5
  
  c91031e6049c7943420751e578fdd25b
- SHA1
  
  3b04514f1a19fda8f81f58f2987d9897298fb267
- SHA256
  
  bca24ca531f79c88f1af10abe7c03ae88fb55de5f83ab1855f2eb4c96141cc64
- SHA512
  
  3983f02f931330fb884d930c8530a62d6fff2f2ca6ec8cb84223f0cb2ad957ed873d690873b51bd447d2a2d12aedfd28240384d0da51f66c4c0a56046293e224
- SSDEEP
  
  98304:mH0hQpsvXeoLaQKUhGnjdj/Ok1nZNK1ViZZoa:mHYV2om5UhGV/OkvNMVgoa
Score

1^/10
behavioral1 behavioral2
- Target
  
  decrypted
- Size
  
  3.0MB
- MD5
  
  1b947e6040c07727496249517239c0ef
- SHA1
  
  6eaebb8d8bc85b64cf6d0c6ff7960fcbcd7f18ea
- SHA256
  
  d04643bff023eb8db76a99ac662c901136c09ef3fc46cd9edc04269a8a22ecf6
- SHA512
  
  75b98f269a64a7308cd4f4a59abc3e2ecf7f95fb6df36031b1f91e755ec9c35c08deb5ab92803fcc18c623e3407374a26fb173bc4e5acd630065b4de451d9311
- SSDEEP
  
  98304:6t7a+cTHwJceh+3Gxk18brJMYwFXI+fS79qIn8:K4cKN4brqYqX7fQ9qK8
Score

8^/10
- Blocklisted process makes network request
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Exploitation for Client Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4