General

  • Target

    c0485c0fd710a32188c943866e42d2d397aee0ca528cdea968572593f5a0d2dd

  • Size

    187KB

  • Sample

    240829-1kyczasgre

  • MD5

    5adfb189fe63eeee7c78752208d6d908

  • SHA1

    f9110e13fdcac5e3e5ed4f0562d977e5ba009c57

  • SHA256

    c0485c0fd710a32188c943866e42d2d397aee0ca528cdea968572593f5a0d2dd

  • SHA512

    2c7102490d1b6d55c4904b867b51cd396559763510f35cc59060012bc0b44c0bfa4c8384fa504f84f87a0f2ed07142b5a9b78c19cff9b7991aec344cf7979580

  • SSDEEP

    3072:KK8xEtjPOtioVjDGUU1qfDlaGGx+cLYIxRo+0qA39d2HczuRiLPmR8QK1w5pX9I6:mxEtjPOtioVjDGUU1qfDlavx+WYIxRxu

Targets

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Suspicious Office macro

      Office document equipped with 4.0 macros.

    • Deletes itself

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.
