d3e7de256b57bdacedc00a172b556b8b2206eccfd972b1d3b5b179793f77f06d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fM41hzb.exe
Size

498KB
Sample

240814-b9lyssyhrk
MD5

4e00e105362e6ba9f60993d8d019d9d2
SHA1

34cb39be69d2772074c885dee686fac958fb4e40
SHA256

d3e7de256b57bdacedc00a172b556b8b2206eccfd972b1d3b5b179793f77f06d
SHA512

a33f72bbbf5c379d0ebd92b42337b14ab58e362972d84e0f24d41f0fc7d1846571a446a3c2b3c77d91a3a56f87c787016119c0dfe13d76220eb66b75d0bacf42
SSDEEP

12288:yhVKiETo2H5nAZvOWYgeWYg955/155/uybnhUDP:OP2BovWybnh

Score

8^/10

execution

Malware Config

Targets

- Target
  
  fM41hzb.exe
- Size
  
  498KB
- MD5
  
  4e00e105362e6ba9f60993d8d019d9d2
- SHA1
  
  34cb39be69d2772074c885dee686fac958fb4e40
- SHA256
  
  d3e7de256b57bdacedc00a172b556b8b2206eccfd972b1d3b5b179793f77f06d
- SHA512
  
  a33f72bbbf5c379d0ebd92b42337b14ab58e362972d84e0f24d41f0fc7d1846571a446a3c2b3c77d91a3a56f87c787016119c0dfe13d76220eb66b75d0bacf42
- SSDEEP
  
  12288:yhVKiETo2H5nAZvOWYgeWYg955/155/uybnhUDP:OP2BovWybnh
Score

8^/10

execution
- Blocklisted process makes network request
- Command and Scripting Interpreter: PowerShell
  Powershell Invoke Web Request.
  execution
- Downloads MZ/PE file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2