f2f028056df2af6bbc7a7f04307264e2ffbb66f314fa57c05a151e83a6f5e5ef

General

Target

f2f028056df2af6bbc7a7f04307264e2ffbb66f314fa57c05a151e83a6f5e5ef
Size

1.1MB
Sample

240920-b2j48ssgll
MD5

033f4849d1e95ae791ec6d2de323df9b
SHA1

014ee280d2e8f8034e1f1dbe87c8860bcb83a1bc
SHA256

f2f028056df2af6bbc7a7f04307264e2ffbb66f314fa57c05a151e83a6f5e5ef
SHA512

147fc794025862de208234ad8c9647862a2036a855e4fe4801e62a0a31870df4903e1b35ac28a8d3712dbfb22725cdcd98fbaa46c32b3e39ece38e900ca58041
SSDEEP

24576:fXWZ5PbcmC3f/DFNkTF8t2o4l4ox+gnaZIhsGbG5O2L:u7jcmWH/IjnaZn0AO2L

Score

10^/10

execution

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

exe.dropper

http://habarimoto24.com/nh

exe.dropper

http://fenett2018.com/dobgx

exe.dropper

http://eastend.jp/bl5kfa

exe.dropper

http://bemnyc.com/u8erijeq

exe.dropper

http://abakus-biuro.net//a9zqemm

exe.dropper

http://yourmother4cancer.info/Nereidae/ZdDZ/umping?HGn3Nw=1932-05-23

Targets

- Target
  
  f2f028056df2af6bbc7a7f04307264e2ffbb66f314fa57c05a151e83a6f5e5ef
- Size
  
  1.1MB
- MD5
  
  033f4849d1e95ae791ec6d2de323df9b
- SHA1
  
  014ee280d2e8f8034e1f1dbe87c8860bcb83a1bc
- SHA256
  
  f2f028056df2af6bbc7a7f04307264e2ffbb66f314fa57c05a151e83a6f5e5ef
- SHA512
  
  147fc794025862de208234ad8c9647862a2036a855e4fe4801e62a0a31870df4903e1b35ac28a8d3712dbfb22725cdcd98fbaa46c32b3e39ece38e900ca58041
- SSDEEP
  
  24576:fXWZ5PbcmC3f/DFNkTF8t2o4l4ox+gnaZIhsGbG5O2L:u7jcmWH/IjnaZn0AO2L
Score

8^/10

execution
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

1

T1059

PowerShell

1

T1059.001

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Blocklisted process makes network request

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2