8c27321c5bc40131cf7873a52907433ae736e8e2801ec8aadc350c17852b55af | Triage

Sharing

Copy URL Twitter E-mail

General

Target

mm.ps1
Size

23KB
Sample

240508-vb39zage56
MD5

693b6c4521f4802b224456fc3e44761d
SHA1

a9e9df6762418bbed030e825099282da59278db0
SHA256

8c27321c5bc40131cf7873a52907433ae736e8e2801ec8aadc350c17852b55af
SHA512

1137c0d2c2639c054559b631eee03c209eae0c83d8754fdd827f880e9d85940dbf10c333c75d27dae4048cd7d64edbbcebe50acb58095022f2f7bb63077ddc28
SSDEEP

384:GNUnhcaoiWyW+ud7/HLHajbwHcGlftuLGuIw2wNhODLMVqVGGGMrGMbGba0Ni0aR:GNUnhcaoiWyW+ud7/r6jbw8GlftuLGuu

Score

8^/10

execution

Malware Config

Targets

- Target
  
  mm.ps1
- Size
  
  23KB
- MD5
  
  693b6c4521f4802b224456fc3e44761d
- SHA1
  
  a9e9df6762418bbed030e825099282da59278db0
- SHA256
  
  8c27321c5bc40131cf7873a52907433ae736e8e2801ec8aadc350c17852b55af
- SHA512
  
  1137c0d2c2639c054559b631eee03c209eae0c83d8754fdd827f880e9d85940dbf10c333c75d27dae4048cd7d64edbbcebe50acb58095022f2f7bb63077ddc28
- SSDEEP
  
  384:GNUnhcaoiWyW+ud7/HLHajbwHcGlftuLGuIw2wNhODLMVqVGGGMrGMbGba0Ni0aR:GNUnhcaoiWyW+ud7/r6jbw8GlftuLGuu
Score

8^/10

execution
- Blocklisted process makes network request
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2