General

  • Target

    d7814c9a19d5b9975c3b604016e6585e1312871f7d980b3eea5090b3db08da82.zip

  • Size

    22KB

  • Sample

    240613-cf36natgnn

  • MD5

    aec848688441551a675712644f0ce619

  • SHA1

    ad84393dd34b89dc45afe675475fa9c0fdb3ba40

  • SHA256

    d7814c9a19d5b9975c3b604016e6585e1312871f7d980b3eea5090b3db08da82

  • SHA512

    8a9f1743a294915cbe9a0490ac2435648d9b9cfb4c90cf7ed20f3d75e80b59aaab9833b42ceab08f0ac6223d40a9d19c58b70bb0438a5ad9348117cb509a2362

  • SSDEEP

    192:q455NjsjYHssssssssssssssssssssssxs:ZF1HssssssssssssssssssssssW

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

https://github.com/s123s1/s/raw/main/update1.bat

exe.dropper

https://github.com/s123s1/s/raw/main/Document.zip

Targets

    • Target

      List of Event Organizers....bat

    • Size

      6.0MB

    • MD5

      bc97ed1199385e1b2e4140b86a862d92

    • SHA1

      72ed60ce1a5504ebd34cc9fb2537424ec5565467

    • SHA256

      dcc2b331d3f83771a48bf66b0845fcf865551197a05ab6ba57996d8a7082ef71

    • SHA512

      53ba5e407965ff4c202feda15a23d51eb97d480b6273f54188959d468442dad71b647350c57d6ca663ecef5fbfdc3514555560ee087bc26a2368e4199b57b6c8

    • SSDEEP

      48:mWr2EK8sEzffLwfYvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvD:2pJErLwz3OpL/CrSa3OJwaPar2aQaAum

    Score
    10/10
    • Command and Scripting Interpreter: PowerShell

      Run PowerShell and hide display window.

    • Drops startup file

MITRE ATT&CK Enterprise v15
