e84076da0af0dee161fafeba9739362b9c422ac3456c6054045da6519a669bc4 | Triage

Resubmissions

21/09/2024, 01:17

240921-bnkhvaybpb 6

20/09/2024, 22:51

240920-2s1nqssgrk 6

Sharing

General

Target

MAS_AIO.cmd
Size

426KB
Sample

240921-bnkhvaybpb
MD5

afc260e4b427800bfd63abb49b3681ce
SHA1

6470189b641d85b9e99dedb4baac4ebf8f1cf539
SHA256

e84076da0af0dee161fafeba9739362b9c422ac3456c6054045da6519a669bc4
SHA512

8e2a68c7f236e77275dce771593d320afb7de77a1d7a36972cc4712a9e408346943b85ede98615d23d7c27be00fe00ad6022ed8fb8e6313934fa79d5139ddd7f
SSDEEP

3072:GIpRnkRVRfRWhFdR9RYI29BKRDA5RFowgJmBMZgnnwBRdDR9RpRDCj4lRaR8Z17n:liIAkiow6C5ozDTsPBUmU0yknEWuD

Score

6^/10

defense_evasion discovery execution

Malware Config

Targets

- Target
  
  MAS_AIO.cmd
- Size
  
  426KB
- MD5
  
  afc260e4b427800bfd63abb49b3681ce
- SHA1
  
  6470189b641d85b9e99dedb4baac4ebf8f1cf539
- SHA256
  
  e84076da0af0dee161fafeba9739362b9c422ac3456c6054045da6519a669bc4
- SHA512
  
  8e2a68c7f236e77275dce771593d320afb7de77a1d7a36972cc4712a9e408346943b85ede98615d23d7c27be00fe00ad6022ed8fb8e6313934fa79d5139ddd7f
- SSDEEP
  
  3072:GIpRnkRVRfRWhFdR9RYI29BKRDA5RFowgJmBMZgnnwBRdDR9RpRDCj4lRaR8Z17n:liIAkiow6C5ozDTsPBUmU0yknEWuD
Score

6^/10

discovery execution defense_evasion
- Command and Scripting Interpreter: PowerShell
  Using powershell.exe command.
  execution
- Command and Scripting Interpreter: PowerShell
  Using powershell.exe command.
  execution
- Obfuscated Files or Information: Command Obfuscation
  Adversaries may obfuscate content during command execution to impede detection.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Obfuscated Files or Information

Command Obfuscation

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryexecution

behavioral2

defense_evasiondiscoveryexecution