General
-
Target
ActiveDirectory
-
Size
39KB
-
Sample
240425-htf6yagf9v
-
MD5
ceb7ab00d30dd72b61b224d3b21e2fbc
-
SHA1
7c6b84fb7a38118b5d0a73f762bcddb135cd884e
-
SHA256
f2b2a07db11a8ccc3f7431c94130a48e746c1aa2129d9e805f4d6bb4d1fc422f
-
SHA512
adf005949440685d838d5dd9f1c0b56bc028d10d2c4eee6278247a3c321a73501f296144d785bf60c538cc916ff3b2152de8fde187d85b551f1ae37c3153cd79
-
SSDEEP
384:5U8YPULwdfgzFf+eh9HxpjACGIlK+yd2CZOW/m:5U8YPUMCf+a97ECGIQ+ydVZzO
Malware Config
Targets
-
-
Target
ActiveDirectory
-
Size
39KB
-
MD5
ceb7ab00d30dd72b61b224d3b21e2fbc
-
SHA1
7c6b84fb7a38118b5d0a73f762bcddb135cd884e
-
SHA256
f2b2a07db11a8ccc3f7431c94130a48e746c1aa2129d9e805f4d6bb4d1fc422f
-
SHA512
adf005949440685d838d5dd9f1c0b56bc028d10d2c4eee6278247a3c321a73501f296144d785bf60c538cc916ff3b2152de8fde187d85b551f1ae37c3153cd79
-
SSDEEP
384:5U8YPULwdfgzFf+eh9HxpjACGIlK+yd2CZOW/m:5U8YPUMCf+a97ECGIQ+ydVZzO
Score7/10-
Exfiltration Over Alternative Protocol
Adversaries may steal data by exfiltrating it over an un-encrypted network protocol other than that of the existing command and control channel.
-
System Checks
Adversaries may employ various system checks to detect and avoid virtualization and analysis environments. This may include changing behaviors based on the results of checks for the presence of artifacts indicative of a virtual machine environment (VME) or sandbox.
-