4fbb94a638ea03db6df456af731c6cbd05ba82242287f7880bb7f1be8b24b6d6 | Triage

Resubmissions

16/07/2024, 10:17

240716-mbvc3azhjd 8

16/07/2024, 10:14

240716-l94hysxeml 8

Sharing

General

Target

dl.ps1
Size

20KB
Sample

240716-mbvc3azhjd
MD5

557e88aa950865a4fd6b50ebc5b4c223
SHA1

d3508b8e4507b520a5e31082bd0e36dd1c4f0b65
SHA256

4fbb94a638ea03db6df456af731c6cbd05ba82242287f7880bb7f1be8b24b6d6
SHA512

1218f41186c34963b6d4f25d9fc590d8a527dfdd3dec8d9b984f7923ba9254d85a0a03e0187614b2b5f423c918cc40b98106bd9c0e3e7eb429ccbe1e6f6f95a4
SSDEEP

384:GNnnhca8iWyW+ud7/HLHajbwHcGlftuLGuIw+GZwNhODLMVqVGGGMrGMbGba0Ni+:GNnnhca8iWyW+ud7/r6jbw8GlftuLGum

Score

8^/10

execution

Malware Config

Targets

- Target
  
  dl.ps1
- Size
  
  20KB
- MD5
  
  557e88aa950865a4fd6b50ebc5b4c223
- SHA1
  
  d3508b8e4507b520a5e31082bd0e36dd1c4f0b65
- SHA256
  
  4fbb94a638ea03db6df456af731c6cbd05ba82242287f7880bb7f1be8b24b6d6
- SHA512
  
  1218f41186c34963b6d4f25d9fc590d8a527dfdd3dec8d9b984f7923ba9254d85a0a03e0187614b2b5f423c918cc40b98106bd9c0e3e7eb429ccbe1e6f6f95a4
- SSDEEP
  
  384:GNnnhca8iWyW+ud7/HLHajbwHcGlftuLGuIw+GZwNhODLMVqVGGGMrGMbGba0Ni+:GNnnhca8iWyW+ud7/r6jbw8GlftuLGum
Score

8^/10

execution
- Blocklisted process makes network request
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2