General

  • Target

    sexy.rar

  • Size

    4KB

  • Sample

    240820-pkltdsvgmn

  • MD5

    00c1dd3288c1c44dbf597bc04265c6ab

  • SHA1

    45a098b283b434cc6eb779759045b4ee11df58a1

  • SHA256

    1f995eed9706988b601ecc551f90194023f29a878e6e389f295cc57f32978ca0

  • SHA512

    36b11276e4011c302adbe00017503b77d2cbe158f91902468f2a28d62429fec0b4a2abf88e7169b3d9a7a658503f4f9dc421704d461d3bb2cf66630f1b83be6a

  • SSDEEP

    96:ZSFx3Uci3pStR1FF3DLFOLaakYTRTXgeKK03Xqltzi6ndosf:VFpSr1FFncLaHwwUSaltz5dow

Score
8/10

Targets

    • Target

      sexy.rar

    Score
    8/10
    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      Using powershell.exe command.

    • Downloads MZ/PE file

    • Drops startup file

    • Executes dropped EXE
