a61a13fc5a91783172920a1418c06578f267b83a026bd126e653b259a6eb4bda | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.Trojan.Win64.Meterpreter.14735.10805
Size

26KB
Sample

240829-vx9nwasfje
MD5

4629a7d0c64e29caa63f7a4aede12a07
SHA1

3646b60408d282ceaddfb725ac98a71c276b591f
SHA256

a61a13fc5a91783172920a1418c06578f267b83a026bd126e653b259a6eb4bda
SHA512

9cc8734a02a76af07ca39bdd26788307856b7c5653b3be41416dcd84e05087fcddd0f1d10e8ff0f8a75d286fc24c19ab0d3a471146ad343601ea44052d56c0a1
SSDEEP

384:flrcGPGZee0QPt0GkaUVQLBeuMsx2n9J0+1/wfT3ir2WSx7bLzWY:9cV/PFkaUWLcuMswfA3iPmbLn

Score

8^/10

execution

Malware Config

Targets

- Target
  
  SecuriteInfo.com.Trojan.Win64.Meterpreter.14735.10805
- Size
  
  26KB
- MD5
  
  4629a7d0c64e29caa63f7a4aede12a07
- SHA1
  
  3646b60408d282ceaddfb725ac98a71c276b591f
- SHA256
  
  a61a13fc5a91783172920a1418c06578f267b83a026bd126e653b259a6eb4bda
- SHA512
  
  9cc8734a02a76af07ca39bdd26788307856b7c5653b3be41416dcd84e05087fcddd0f1d10e8ff0f8a75d286fc24c19ab0d3a471146ad343601ea44052d56c0a1
- SSDEEP
  
  384:flrcGPGZee0QPt0GkaUVQLBeuMsx2n9J0+1/wfT3ir2WSx7bLzWY:9cV/PFkaUWLcuMswfA3iPmbLn
Score

8^/10

execution
- Command and Scripting Interpreter: PowerShell
  Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
  execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2