1a357366ee69f83a9c091ee775a44e5cc0fbc2524a50332f9ed261f9ca2d727b | Triage

Resubmissions

25-07-2024 23:32

240725-3jrj5sverf 8

25-07-2024 19:34

240725-x96h4azenm 8

25-07-2024 17:53

240725-wgedgaveml 8

25-07-2024 17:32

240725-v4d6jsxekd 8

Sharing

General

Target

Library.cmd
Size

3.3MB
Sample

240725-v4d6jsxekd
MD5

705ac80b02f73faec8180190bd2b8ce2
SHA1

4f1e20556015edeee8795ea7ef6137b4341b3d80
SHA256

1a357366ee69f83a9c091ee775a44e5cc0fbc2524a50332f9ed261f9ca2d727b
SHA512

da1981a69dee947f2e490c07d452a2881b7a01d09bd6de70ebd9df648db6d8804bbdccff62c40d1a6796ff77ce107cfd01f1dce24369b2b973081c78e5d0de56
SSDEEP

49152:8e90YDSczQOfmBTZ7fSU13LvMeEZng0PJFGrbxM+:0

Score

8^/10

execution

Malware Config

Targets

- Target
  
  Library.cmd
- Size
  
  3.3MB
- MD5
  
  705ac80b02f73faec8180190bd2b8ce2
- SHA1
  
  4f1e20556015edeee8795ea7ef6137b4341b3d80
- SHA256
  
  1a357366ee69f83a9c091ee775a44e5cc0fbc2524a50332f9ed261f9ca2d727b
- SHA512
  
  da1981a69dee947f2e490c07d452a2881b7a01d09bd6de70ebd9df648db6d8804bbdccff62c40d1a6796ff77ce107cfd01f1dce24369b2b973081c78e5d0de56
- SSDEEP
  
  49152:8e90YDSczQOfmBTZ7fSU13LvMeEZng0PJFGrbxM+:0
Score

8^/10

execution
- Blocklisted process makes network request
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2