fe28d8146e0d69460e868c2710bb978ee378dc9cec1af7b3211327267337746c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

OSAKA_OMGGG-obf.bat
Size

38KB
Sample

240315-26n7vsde7z
MD5

4c18a3e2f23a81e632f3b2a7d1ade2f3
SHA1

98606d6a40d8c8764d6618d94c3a740710e36d7f
SHA256

fe28d8146e0d69460e868c2710bb978ee378dc9cec1af7b3211327267337746c
SHA512

937d280d7bd40387a6bd3e3c9ecf83ec8b933e4f19ed4cb6cbf2ead5aacbe1f8b1718886feb8d684ab5d5f811f528a67c28453033ff0dbdf4b329bae8a2bb6b3
SSDEEP

384:e3lBHyJ/JRxdAmoT7C4sYIKeXli8cnT1yZ8XJb2h4pBFeJjWe:QlBHyJhR3AmUfLIf3GYjxT

Score

6^/10

Malware Config

Targets

- Target
  
  OSAKA_OMGGG-obf.bat
- Size
  
  38KB
- MD5
  
  4c18a3e2f23a81e632f3b2a7d1ade2f3
- SHA1
  
  98606d6a40d8c8764d6618d94c3a740710e36d7f
- SHA256
  
  fe28d8146e0d69460e868c2710bb978ee378dc9cec1af7b3211327267337746c
- SHA512
  
  937d280d7bd40387a6bd3e3c9ecf83ec8b933e4f19ed4cb6cbf2ead5aacbe1f8b1718886feb8d684ab5d5f811f528a67c28453033ff0dbdf4b329bae8a2bb6b3
- SSDEEP
  
  384:e3lBHyJ/JRxdAmoT7C4sYIKeXli8cnT1yZ8XJb2h4pBFeJjWe:QlBHyJhR3AmUfLIf3GYjxT
Score

6^/10
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Remote System Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1