Overview

overview

7

Static

static

5

Quotation.exe

windows7-x64

7

Quotation.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    4482f59bbcaf10e39ee7a2ebf3272b45b00470a3e4827c9dd63b66a0ffd4c559

  • Size

    907KB

  • Sample

    240821-psrdvaydqg

  • MD5

    0fbc8e96b5ae292d60f6f8ecbb2ddf11

  • SHA1

    6a1cf8dd52a5791d6f196dd7f401dce48f1428ac

  • SHA256

    4482f59bbcaf10e39ee7a2ebf3272b45b00470a3e4827c9dd63b66a0ffd4c559

  • SHA512

    2f9f267e276ebacc60cfa07748af4884159311835ba942b7b3ab063dcfc87010f2b58cc992cd9490adaa04258eefc425473b6d12ae11fae3fb6648714d40ad1a

  • SSDEEP

    12288:Rk+8Fble8uSgb7/L/4PTe7x1uqNuY1RBI54Spi0RwFPFWx8G8Fn09jKrs+ccL9MC:HhHSGwIxN/I54OieMt08rCclA5xdta

Score
7/10
discovery

Malware Config

Targets

    • Target

      Quotation.exe

    • Size

      1.4MB

    • MD5

      1e006059f3779403444376d213c89e77

    • SHA1

      c9e293129de50f5f8f7fae3cd75c7d726c8ed18a

    • SHA256

      bb6203484b80acc69bffa9a963f3f661d3d02347f3189b7a2ef290ca48608005

    • SHA512

      293304ec52f1ad6e7c424c2d8403702ebefcc92929401b7f83795df0597406df084275933b7ab2fa2778a54372e08be6603ca1a474e46b51430542dac2a6526b

    • SSDEEP

      24576:yqDEvCTbMWu7rQYlBQcBiT6rprG8aSmJAxSoV9m3E2A/:yTvC/MTQYxsWR7aSDSLE2

    Score
    7/10
    discovery

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks