General

  • Target

    b41b84de5510915335b89d758c6caa98a2ddba01087a63235c1e373ba1305dea

  • Size

    35KB

  • Sample

    240624-1dp31ssgqd

  • MD5

    5320caedf1e37d2271a6c3000b5a091b

  • SHA1

    e521e34358d1baa528a5afe36336b7048e7a5653

  • SHA256

    b41b84de5510915335b89d758c6caa98a2ddba01087a63235c1e373ba1305dea

  • SHA512

    4c5986014aa68dcd55dce7e9ae2a67dfc3245857e11b66273156baec3e258d116b901a9275dbd200790210fad90bf8d5ad97f076a05a9a66e3317ff428c2937d

  • SSDEEP

    384:ii8iSsqdg1vA9dY7Yc9tSxZJ9FgZmA0jLt1:if+1o9Bc9tSPDF8

Malware Config

Extracted

  • Language

    ps1

  • Deobfuscated

  • URLs

    ps1.dropper

    http://192.168.49.70/run.txt

Targets

    • Target

      b41b84de5510915335b89d758c6caa98a2ddba01087a63235c1e373ba1305dea

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
