General

  • Target

    8c8ef518239308216d06b4bf9b2771dbb70759cb1c9e6327a1cd045444f2b69a

  • Size

    15KB

  • Sample

    240410-precwsah5w

  • MD5

    be339b83946635d6aa3b1dc3e42c1b02

  • SHA1

    9786ed20fce197edbab2f1bc4c61d153b353bb78

  • SHA256

    8c8ef518239308216d06b4bf9b2771dbb70759cb1c9e6327a1cd045444f2b69a

  • SHA512

    6119d893e6f6ea385c722d383527963aeccf0f8275ad7845089b6a9863b67cf0ccd5c88da75faaf2830b8b17069c3b270b9315b25ed5db028b66a72badce052a

  • SSDEEP

    384:AKllveblGIeWg4OXNUGKIeuUEYrcQITMaT6QQ:AKllvebYIebhXC8CEYrIgBQQ

Score
10/10

Malware Config

Targets

    • Target

      8c8ef518239308216d06b4bf9b2771dbb70759cb1c9e6327a1cd045444f2b69a

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Use of msiexec (install) with remote resource

    • Blocklisted process makes network request

MITRE ATT&CK Enterprise v15

Tasks