General

  • Target

    Download

  • Size

    6KB

  • Sample

    240809-hpm4paxfkn

  • MD5

    f903726ce9c72da5bec8460d6be3ba34

  • SHA1

    eb654d85fef1e73b04342f0d455ec51b23c65996

  • SHA256

    86393bfa143404494807b9fb28dd0c829af90e2894cba56f52aee0fc0674605b

  • SHA512

    fc3eeb2cf842e7ce9dbdc08bb98669956ce9c6d07481aedfcef02527f0039e19024b055f03b245689f7215723fcf559d096a87758ca986043b616b8fa634e178

  • SSDEEP

    192:ITmUOaEnvijVW/RaJRay/HRUhgnqzcJmuX0:ITrOLvixW/UJUy/HKAXk

Score
8/10

Targets

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Network Service Discovery

      Attempt to gather information on host's network.

    • Drops file in System32 directory
