General

  • Target

    jbweblocal.exe

  • Size

    5.9MB

  • Sample

    240522-knnd6shg64

  • MD5

    6e219935d76d91a3f24a0972be49b8b1

  • SHA1

    c86d31bfa11e0cebaa5ac989ed155be26df19ebd

  • SHA256

    4f1abe960db5808e10b1f16d6ed63567fd80b785e1d3a471b86d04b99da741f6

  • SHA512

    901a2b96f1ab6ecf9f30b80031ddc152ff9271b1820f4166f4528f9eb628fb3f6cd4f557de6eb28b906269d37ba65f4af555be723191906960f20480d6207a1c

  • SSDEEP

    98304:Z4IBLEpzoLLJ3TbwaVvrZE0I8UI8F/Vtt1mIi3pRN8D8cXuz+W1Tb6eL5hx6uWYw:Z46LE9onJ5hrZE+e9tGPqKyGTblKuWYw

Targets

    • Target

      jbweblocal.exe

    • Size

      5.9MB


    Score
    8/10
    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.

    • Loads dropped DLL
