General

  • Target

    66d366fcdc0cef9a6af89a46909c9710bab0192a473f5ac583940093b990c86c

  • Size

    51KB

  • Sample

    240410-nqjesahc71

  • MD5

    c75b8c150054b5ba27cf08c46e13354e

  • SHA1

    3c596c9408e4f06891131b6d97e653afd1f69452

  • SHA256

    66d366fcdc0cef9a6af89a46909c9710bab0192a473f5ac583940093b990c86c

  • SHA512

    b3ee2a5049d31f48795f50fab3843b363a7ede135a0f0cd82c511ee982a2420cc68fbc2db0d1955df90b5c208faafc3a1b53b62b0bf65d62831091bb92443007

  • SSDEEP

    768:3i54ymrYU+7nzM3Jv+IfNKImNxyCXhboP0BBT2dTM5c8znejsGtQKuy6:yyymrtJvfo3XhqQBTcwK8FOQKG

Score
8/10

Targets

    Score
    8/10
    • Blocklisted process makes network request

    • Deletes itself

    • Process spawned suspicious child process

      This child process is not normally spawned unless, for example, the parent process crashes. This typically indicates that an attempt to compromise the parent process was unsuccessful.

    • Drops file in System32 directory
