0546b035a94953d33a5c6d04bdc9521b49b2a98a51d38481b1f35667f5449326 | Triage

Sharing

General

Target

SKU_0001710-1-2024-SX-3762.iso
Size

66KB
Sample

241017-r1wdwa1fla
MD5

bbf0cea884551ec27c84fd626d910368
SHA1

e1112877f6ef791292637f17d44ecd701badf266
SHA256

0546b035a94953d33a5c6d04bdc9521b49b2a98a51d38481b1f35667f5449326
SHA512

f914139d8871cf9344fadc1045cdb512de114f2920817c94c3fcf942acb09de9cf24ee3f0c4b1bd0214fae9497a800e8fe043ec840cb9acfb73801cae59d6bfc
SSDEEP

96:5vXZ+buxRrcsSLAGiMygfOYiAx2MSauo6SrBJb4yr5BgD:hXZ+IrFSs3Hg5iAx2MSauoNVJ0yFB

Score

8^/10

execution

Malware Config

Targets

- Target
  
  SKU_0001710-1-2024-SX-3762.bat
- Size
  
  5KB
- MD5
  
  fb6e5f4c35e2410abe92acca08412d29
- SHA1
  
  3e70e5fa943bf9ba4e2cadd21fc3b03a3ac899b8
- SHA256
  
  4f1b5d4bb6d0a7227948fb7ebb7765f3eb4b26288b52356453b74ea530111520
- SHA512
  
  3b7557f2429f2b420b59486a1bf40bf628d813257f0f4ac18d3141f3c0dc2661c71a18d16bffd24bb821993dbe8d58921befc72a6352282664526578d981068b
- SSDEEP
  
  96:huxRrcsSLAGiMygfOYiAx2MSauo6SrBJb4yr5BgDk:2rFSs3Hg5iAx2MSauoNVJ0yFBD
Score

8^/10

execution
- Blocklisted process makes network request
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2