General

  • Target

    6bCJsJc

  • Size

    8KB

  • Sample

    240720-fpq48s1cpf

  • MD5

    6c8b681e5292f49eb20ac63005a7e23f

  • SHA1

    edf97a2d8a057a74b3d6c7aed08e27dd87ed9ac3

  • SHA256

    a6e09e40a6f8bdb2486a5bda476628d89512987b99301d822b6a72836e3f8100

  • SHA512

    925dbd2a9b5c02b8f70e66c44596efe347d1176b484b858ccd344508b14a64ef835b44f9e5569143c8167df249bb94bee9dbaf6acc8d98e38fd44116717d514d

  • SSDEEP

    96:jhxk2gCJg6aPmgr3kzxfMJ22Fq2YkKw2DmgNoP2AIKq3PL0uXns7q:1m2g+g6a/4x+22g2YW2DFe2f3ouXnkq

Targets

    • Office macro that triggers on suspicious action

      Office document macro which triggers in special circumstances - often malicious.

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Legitimate hosting services abused for malware hosting/C2

    • Drops file in System32 directory

    • Probable phishing domain
