General
-
Target
d7ab2f309ee99f6545c9e1d86166740047965dd8172aec5f0038753c9ff5e9d8
-
Size
154KB
-
Sample
240624-gjz1masckk
-
MD5
5f331887bec34f51cca7ea78815621f7
-
SHA1
2eb81490dd3a74aca55e45495fa162b31bcb79e7
-
SHA256
d7ab2f309ee99f6545c9e1d86166740047965dd8172aec5f0038753c9ff5e9d8
-
SHA512
7a66c5d043139a3b20814ac65110f8151cf652e3f9d959489781fdaea33e9f53ce9fd1992f1a32bff73380c7d9ef47200d8b924a8adf415e7a93421d62eb054d
-
SSDEEP
3072:EahKyd2n3155GWp1icKAArDZz4N9GhbkrNEk1tYT:EahOVp0yN90QE8E
Static task
static1
Behavioral task
behavioral1
Sample
d7ab2f309ee99f6545c9e1d86166740047965dd8172aec5f0038753c9ff5e9d8.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
d7ab2f309ee99f6545c9e1d86166740047965dd8172aec5f0038753c9ff5e9d8.exe
Resource
win10-20240404-en
Malware Config
Targets
-
-
Target
d7ab2f309ee99f6545c9e1d86166740047965dd8172aec5f0038753c9ff5e9d8
Score
8/10
-
Blocklisted process makes network request
-
Disables Task Manager via registry modification
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Execution
Command and Scripting Interpreter: 2
PowerShell: 2
Scheduled Task/Job: 1
Scheduled Task: 1
Persistence
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Scheduled Task/Job: 1
Scheduled Task: 1