7c5697766ed08fce3ab5ffbfaa972803143837fff6e8ea3a5d087d245f88d332 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

XClient.bat
Size

300KB
Sample

240710-1jet8steqh
MD5

fe82847fa0ad51b9f40ed234892f4041
SHA1

e4304e1815a679296f50cc0efded297132290891
SHA256

7c5697766ed08fce3ab5ffbfaa972803143837fff6e8ea3a5d087d245f88d332
SHA512

5cdc109a66577d7781c43fd93955b47d7e0d4129e43d9657a8ec0938446a691c8b308167d1c3d0ecd896bd502953232c94231640d01d8570710bf6c5d030464d
SSDEEP

6144:npKy9tx987E1gougBTLC56Jt29TPv/aLvXL8Jc/uI6vxx:DxS7E6oug53JODvCUJBXx

Score

8^/10

execution

Malware Config

Targets

- Target
  
  XClient.bat
- Size
  
  300KB
- MD5
  
  fe82847fa0ad51b9f40ed234892f4041
- SHA1
  
  e4304e1815a679296f50cc0efded297132290891
- SHA256
  
  7c5697766ed08fce3ab5ffbfaa972803143837fff6e8ea3a5d087d245f88d332
- SHA512
  
  5cdc109a66577d7781c43fd93955b47d7e0d4129e43d9657a8ec0938446a691c8b308167d1c3d0ecd896bd502953232c94231640d01d8570710bf6c5d030464d
- SSDEEP
  
  6144:npKy9tx987E1gougBTLC56Jt29TPv/aLvXL8Jc/uI6vxx:DxS7E6oug53JODvCUJBXx
Score

8^/10

execution
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1