2a8ce80432bb82160f68a6438d0f07b2194c6d31cbd64a6f2536fef945860e8f | Triage

Sharing

General

Target

2a8ce80432bb82160f68a6438d0f07b2194c6d31cbd64a6f2536fef945860e8f.7z
Size

12KB
Sample

240614-wtrvbs1emd
MD5

bf6f2f0ac53150d1627d1ba6c4ca15cf
SHA1

83b3a4c89f8bad97f438fd86e1a7802637e1baa7
SHA256

2a8ce80432bb82160f68a6438d0f07b2194c6d31cbd64a6f2536fef945860e8f
SHA512

c2a2d2297008817255cb549d845f84b03285dd53790f1ca27210fa512fbd8991b92bcd22b8959a5d6441826b92c4553e4f45f971f2fbdeb75b015909d7fe4645
SSDEEP

192:k/2WUsp45FhZmAI1zC+HhOXXibLEZqRyC8F4/uKKkRZGkRJtVmF5aRItQ1tXJsv9:k/2WXpQGzn0Cw11kRZGqJtZR8QLXira0

Score

8^/10

execution

Malware Config

Targets

- Target
  
  FILE_SC7678-2024_73664774643_66773635466_904088477321.vbs
- Size
  
  22KB
- MD5
  
  7069ed97b8f0d124e27b5661ca21d3f8
- SHA1
  
  ea1378c90018b9b047a576cdbc82b6c08ea3c02d
- SHA256
  
  c1bdaee5fbb07524124295860759ee7feed5eacba39c10c1bb26071093f8c7ff
- SHA512
  
  3c29ad49bb77af794eaa631988baf99a0aec50d7dea2ee1a79e3cd67ceb629fc5813d54241d8ad28b141aa7b4220d792d189fec3f47c0fd80fc060c7673a67f5
- SSDEEP
  
  384:z287P6RjC5x0ePogJ5Ka+Pp7al0Qg6WoxD8Mcq3a1E8d9ygbscesQcXjEHaI3nY4:z287P6RjCr0ePNJ5Ka+Pp7alk7oHcqq6
Score

8^/10

execution
- Blocklisted process makes network request
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2