ff6c4c8d899df66b551c84124e73c1f3ffa04a4d348940f983cf73b2709895d3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

rIMGTR657365756.bat
Size

6KB
Sample

241017-qdsh2ascjl
MD5

97f6fcabf941e9e4eb8caaf89cb7c733
SHA1

0aa53ac7dc50e7a16b9ba92024ecd3b141e1aecf
SHA256

ff6c4c8d899df66b551c84124e73c1f3ffa04a4d348940f983cf73b2709895d3
SHA512

f7bc47e006e251ca50b0ca76cb645cb4cafab413a099fde933f40797827bae7f65ef00eb35af971d4b2a5c870fff02416a94cf45d35f8305fc25070455c0e037
SSDEEP

192:ZSgOgQRAVv/0fA6Pdp5ZTkfeUZCJFEEAN:wvB42ACPNC

Score

8^/10

execution

Malware Config

Targets

- Target
  
  rIMGTR657365756.bat
- Size
  
  6KB
- MD5
  
  97f6fcabf941e9e4eb8caaf89cb7c733
- SHA1
  
  0aa53ac7dc50e7a16b9ba92024ecd3b141e1aecf
- SHA256
  
  ff6c4c8d899df66b551c84124e73c1f3ffa04a4d348940f983cf73b2709895d3
- SHA512
  
  f7bc47e006e251ca50b0ca76cb645cb4cafab413a099fde933f40797827bae7f65ef00eb35af971d4b2a5c870fff02416a94cf45d35f8305fc25070455c0e037
- SSDEEP
  
  192:ZSgOgQRAVv/0fA6Pdp5ZTkfeUZCJFEEAN:wvB42ACPNC
Score

8^/10

execution
- Blocklisted process makes network request
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2