General

  • Target

    65c1d36505a7df989961ff20de2a995246ba411bf09970fa5549c767d46d4ab3

  • Size

    32KB

  • Sample

    240625-z375fstdne

  • MD5

    a07215725952269f43e1fc73c8609ba8

  • SHA1

    9b416b98c8d0bd2dab956e4a64aa560f591c9bf1

  • SHA256

    65c1d36505a7df989961ff20de2a995246ba411bf09970fa5549c767d46d4ab3

  • SHA512

    e442b92b664dd8ebe85145e87e83699e30c8f715ad07b3791a4d05b9855ca879ad4f84215a85134217eb005a2d3600b947e1a6a890e7672693d1b06d4b87ca6d

  • SSDEEP

    192:O24cZEvA+6/6rNavrgYjk+4bWlzvQSsSmN1VTIkrg0jrOFtET/Rn6ma:3yiSwvxjk+tzda1Trg0j8ta/

Score
10/10

Malware Config

Extracted

  • Language

    ps1 (Deobfuscated)

  • URLs (ps1.dropper)

    http://10.10.100.200/6-8-1.ps1

Targets

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

MITRE ATT&CK Enterprise v15

Tasks