General

  • Target

    9bcd35c491ba62549bff203332b63a4c2d3f30fbd113a40acb0479d9213ccc3d

  • Size

    179KB

  • Sample

    240829-1j3w3asgmc

  • MD5

    bb1637383b9748bc2bff948894fc5a0e

  • SHA1

    59c4a1c4462554ed00ad6cb2f86990865bcde86a

  • SHA256

    9bcd35c491ba62549bff203332b63a4c2d3f30fbd113a40acb0479d9213ccc3d

  • SHA512

    ff13c18139a20d41431d90c6eea386984396bd708ba99aeec9538a2c9e1aac97b7855f0444f59a759f998454eb3ef4d227077e45b666e8124e0cb8e5d6f05b7a

  • SSDEEP

    3072:KYVUpjDqF+wRj/eA05iisqKLzlZ/cB7e7+0t5sQ39MK2HczuRivfmhAUsNYhLJbP:BVUpjDqF+wRj/eA05iisqKLzlZ/cB7/V

Targets

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Suspicious Office macro

      Office document equipped with 4.0 macros.

    • Deletes itself

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

MITRE ATT&CK Enterprise v15
