Resubmissions

09-10-2024 15:25

241009-stsvvaxhjj 10

09-10-2024 15:15

241009-sm4nrssckf 10

General

  • Target

    facturagm-27725407957355783426.zip

  • Size

    49.2MB

  • Sample

    241009-sm4nrssckf

  • MD5

    79e9ed02ff9d617c1732776ff596f47a

  • SHA1

    9e3dd3c140198fc5ff080dec7d610f5bb04d2e4a

  • SHA256

    48fa854012e6abef23589909ec3293efc3df0ab2b5ef4406ccaf7ee0b68464c6

  • SHA512

    7b418b82b6f8b7fb165ee2ca3a014ce94bd229a10d11fc141be8dea47a728e04670cfa795757d0ea6bf127db13952c4e4b1bc4ec3f25f623a5f108734b76d241

  • SSDEEP

    1572864:4ltjOLVis6A90iwyhwLmWaBOZF+QLr45/rby0:4ltjORX9VnqaBOj96/Xy0

Malware Config

Targets

    • Target

      facturagm-27725407957355783426.zip

    • Size

      49.2MB

    • MD5

      79e9ed02ff9d617c1732776ff596f47a

    • SHA1

      9e3dd3c140198fc5ff080dec7d610f5bb04d2e4a

    • SHA256

      48fa854012e6abef23589909ec3293efc3df0ab2b5ef4406ccaf7ee0b68464c6

    • SHA512

      7b418b82b6f8b7fb165ee2ca3a014ce94bd229a10d11fc141be8dea47a728e04670cfa795757d0ea6bf127db13952c4e4b1bc4ec3f25f623a5f108734b76d241

    • SSDEEP

      1572864:4ltjOLVis6A90iwyhwLmWaBOZF+QLr45/rby0:4ltjORX9VnqaBOj96/Xy0

    • Detects HijackLoader (aka IDAT Loader)

    • HijackLoader

      HijackLoader is a multistage loader first seen in 2023.

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Executes dropped EXE

MITRE ATT&CK Enterprise v15

Tasks