43c1958f524dd04b27c4e75be829934ff47105160eec2db9f896223b5778a0a3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

43c1958f524dd04b27c4e75be829934ff47105160eec2db9f896223b5778a0a3
Size

502KB
Sample

241012-sn5x8axbjd
MD5

c6c6179da32433c7deb85335b3d27516
SHA1

7508cb14186cbeb732b3eefb7166c1e0cfd4fe68
SHA256

43c1958f524dd04b27c4e75be829934ff47105160eec2db9f896223b5778a0a3
SHA512

245dc76714b44d076ac9f746d66d5bdf5dbe31352a310ca35dcaf1be09044869eb9061aaa272f9115e0f827cf14672bc1795bb6c20906ada46998376021e6961
SSDEEP

12288:s9ttgdxeC0V7eMw1P1bYBIfxDec66fHJc27:s9Hsxe12PhxpJc27

Score

7^/10

execution

Malware Config

Targets

- Target
  
  PowerRun.exe
- Size
  
  873KB
- MD5
  
  fc1fb033d57f72089fb4762245a8b18d
- SHA1
  
  7ec0f7ca5f0e0d20e5372bf69865d0a809e6cc8e
- SHA256
  
  a6fa768c4964c328c748558627c20c2ba455e589a1b87cfa3911d197da1688d2
- SHA512
  
  cff3833e592a5fe1f1fcb656c42e77fdd177c902f84cf396365cfa04edc9ec046de3473a943779d3815bc36bf48182101703b20b08ae580c2b3ba20508d231d0
- SSDEEP
  
  24576:g2DW/xbWX2YIb3Qsu3/PNL3Q7HybtTpAA+c:g2EaXSQsW/PNjQLY9ARc
Score

4^/10
behavioral1 behavioral2
- Target
  
  RemoveSecHealthApp.ps1
- Size
  
  1KB
- MD5
  
  e578450ec12ca326ee55a47f121defa3
- SHA1
  
  5c9ac60207ce7bf80ca0cd075ec196deba41f2cc
- SHA256
  
  b29d37c2d89b1d20ae79863e55a8bd41ee430a6115d695435cf3f5976dc35d32
- SHA512
  
  1d524d422883604f8841d6e88e3f1c138e55426c72c9ed0ba2a7cbd15c1bc01327c1e1f7087b28a3d7a47244b2b92b7bb054f40b3e0a63fc9f3d6fbf13e7ab5b
Score

7^/10

execution
- Executes dropped EXE
- Loads dropped DLL
behavioral3 behavioral4
- Target
  
  Script_Run.bat
- Size
  
  9KB
- MD5
  
  5908f057239b57479c9fb998537139df
- SHA1
  
  ae13b32de2991acedec3bdf81c924ca6d6bcf919
- SHA256
  
  fd5be994f7727b486a56d6858f6f84c0028813d9641111e27e9bf9f90e9c20e6
- SHA512
  
  0752e00b285f77890b24dd540829299b330df18aacb2b562c66e52de4491de6677bc8cf4fad6020dd99c04381ffe6b3c0c90a9c6b3751e675e1b6610cd779d87
- SSDEEP
  
  192:I7fgXdVFDefe1z/2fSKzRrc7HMe5z/2fSKzRrc7HSmcj:AgX1eW9YeZOFj
Score

1^/10
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6