General

  • Target

    a65003d0b777e45472d5b51a3614699a9e56cfe727c1a769432b280f464b4524

  • Size

    186KB

  • Sample

    240829-1h75dsvbmq

  • MD5

    2ae1bd4934e00d9d49be0c5e5bf35950

  • SHA1

    a0d468d094be244b2520b95735ee9edd267b7bbf

  • SHA256

    a65003d0b777e45472d5b51a3614699a9e56cfe727c1a769432b280f464b4524

  • SHA512

    2b6b73a9d4cc0024a2f699c38388de47edc86a68d4a546fdf86bacbb6d08c5d5cc86928ebbc6aca48b2f62b51f7788d0f0854d427470b1864e4e9e87d2c5526c

  • SSDEEP

    3072:wK8xEtjPOtioVjDGUU1qfDlaGGx+cLYIxR++0KpqPT39d2HczuRiLPmR8QR1w5p5:gxEtjPOtioVjDGUU1qfDlavx+WYIxR35

Targets

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Suspicious Office macro

      Office document equipped with 4.0 macros.

    • Deletes itself

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

MITRE ATT&CK Enterprise v15
