General

  • Target

    index.exe

  • Size

    6.2MB

  • Sample

    240620-r3h7bsxblm

  • MD5

    508fc2df62d7897dfcf2cd107339f6a2

  • SHA1

    8e650007ef99dc880d953fae7705fd7d5421c64b

  • SHA256

    603d9a7950bb6f556fe14e5dadb913f36c75591c7f9b0a342d4de05258d76f5c

  • SHA512

    a3afce0b6a228009300ab99faec59ca37af80fff7533470f9797e54e7d82658dddf3c93634f8ed9bfe34ad6556fb5363baa6e1eae10de83cc8fed349479b5eb5

  • SSDEEP

    196608:rxVhmDdICteErowdNE+sKsXXgvkNC7rt8wrhU:QdInEro+sKkXgsQ1N

Targets

    • Target

      index.exe

    Score
    9/10
    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Loads dropped DLL

    • Target

      index.pyc

    • Size

      340B

    • MD5

      6ad6d1ed1e51efc9cd3cf13fb38e8aed

    • SHA1

      e94fa24e37faab6e3fcc3d409e0e9be21d356372

    • SHA256

      6231211d93cdaf77bfa629caa1a57bdaf6388090bef09696a9cfd2768d41e84e

    • SHA512

      917b37660756ebf3805e9947534b30acc9dcf7f722516b1e055f91895cbf9c82ca821950958a2bfd216c0342321b4e5c1ee37a044448637cb271c006481a76b0

    Score
    3/10
