6777c7101c64beea0c783290f61035c3a92152512aa0c3cef995ffe5b07a1f34 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-13_5c9bd78c184328db128a94dc3fb64b52_avoslocker
Size

4.8MB
Sample

240813-w3ddaszalc
MD5

5c9bd78c184328db128a94dc3fb64b52
SHA1

1641e03583864c30e34a109a581b719d3eefe359
SHA256

6777c7101c64beea0c783290f61035c3a92152512aa0c3cef995ffe5b07a1f34
SHA512

e81e0c0004b4d4c42e0341be045b970ace0333e87f4f55b500df950b2ecf26b162e47dc15a9fa4a4572638c151c0000d50dda93e034bea2951e16f8db17f6380
SSDEEP

98304:VqcnOg/iqlrgOfKXqXPxyPs0PcNHOXtS0MPEfHCcclVs1l1TtLrLtaYxS7pBoH:aOKq5ZucNHOX3MlcGetpxS7no

Score

10^/10

discovery

Malware Config

Extracted

Credentials

Protocol: ftp
Host:
framework.pcsoft.fr
Port:
21
Username:
framework
Password:
framework

Targets

- Target
  
  2024-08-13_5c9bd78c184328db128a94dc3fb64b52_avoslocker
- Size
  
  4.8MB
- MD5
  
  5c9bd78c184328db128a94dc3fb64b52
- SHA1
  
  1641e03583864c30e34a109a581b719d3eefe359
- SHA256
  
  6777c7101c64beea0c783290f61035c3a92152512aa0c3cef995ffe5b07a1f34
- SHA512
  
  e81e0c0004b4d4c42e0341be045b970ace0333e87f4f55b500df950b2ecf26b162e47dc15a9fa4a4572638c151c0000d50dda93e034bea2951e16f8db17f6380
- SSDEEP
  
  98304:VqcnOg/iqlrgOfKXqXPxyPs0PcNHOXtS0MPEfHCcclVs1l1TtLrLtaYxS7pBoH:aOKq5ZucNHOX3MlcGetpxS7no
Score

10^/10

discovery
- Downloads MZ/PE file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2