f935a1f2539b81856ee7e2689166830af281373f787ca92130c2472d10b77d75 | Triage

Sharing

General

Target

6a44463feb077a9b6570bae5039b233bfbf2847045b489602aafdc7b035661a7.zip
Size

10KB
Sample

240613-vgtygsxbqb
MD5

58dafd10137ae95bea034bab0eccd22d
SHA1

d517423e98e5fa708f738fcb2edc072d918d699f
SHA256

f935a1f2539b81856ee7e2689166830af281373f787ca92130c2472d10b77d75
SHA512

741de5a45ea0dc84ea71ac608a0b669f530f990ac40fda56c230ff4080a20712fd9c5765d6ffb86c6f9e8a5b9926ababb23e1a0f0a36b8842afb2c5d74cb218f
SSDEEP

192:pCayBP3NEYxnKXaZ+w+0NgvtQ2MkqJ5D+kSgmVHqgAsB6b5M4XkfxYnrM9CMcU:ptyBPNf9BnVjnJt0gmVKgd58kN9cU

Score

8^/10

execution

Malware Config

Targets

- Target
  
  6a44463feb077a9b6570bae5039b233bfbf2847045b489602aafdc7b035661a7.vbs
- Size
  
  23KB
- MD5
  
  e1e5fd99ab7b6f8a803afa4351fbbaa5
- SHA1
  
  8774a7ac4edea00515ee3f0dbc216eb9d04eea5f
- SHA256
  
  6a44463feb077a9b6570bae5039b233bfbf2847045b489602aafdc7b035661a7
- SHA512
  
  d4ce6420663186d3ccc4316c0a27c8b45e2d0c3caa35ab728254f3f5568b123160d64a53e563c888dfb9335a7aaca6ee150a8ab99614a0dac44c0e07af88b22f
- SSDEEP
  
  384:IRLsQ6YaZ0Q3L8Epp2TWQ3ejkH7sHFKYc0H4VFOy9q:INszYk0SL8EpeWrkIFKYc0H4TO+q
Score

8^/10

execution
- Blocklisted process makes network request
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2