General

  • Target

    4nlwxAqL

  • Size

    2KB

  • Sample

    241109-tdm54awpbv

  • MD5

    cb8b4bf926403a1c5d453ffd601fe11d

  • SHA1

    badb434a545269ea8d4eccc2d7545df5de4adcbf

  • SHA256

    fc7f68ca9005f52565f592e6232b330bdc53adc21e627adb2ba9a72155a7984f

  • SHA512

    48d24993ce25051c7a1ec16e43b27931544670591cc63748800f81cc7813cb070bb56f493b4a736bb435a8a2c4a85c998e2d5e0884eb63d716f08ed660fde820

Malware Config

Targets

    • Target

      4nlwxAqL

    • A potential corporate email address has been identified in the URL: [email protected]

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Mark of the Web detected: the file carries a Mark-of-the-Web marker, which indicates that the page was originally saved or cloned from a browser rather than authored locally.

    • UPX packed file

      Detects executables packed with UPX or a modified build of the open-source UPX packer.
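To make the indicators above checkable, the following is an added Python example (not Triage's own signature code) that re-computes the four digests listed in the report for an arbitrary byte string, applies a UPX-packing heuristic keyed on the section names and "UPX!" magic the stock packer leaves behind, and looks for the HTML "saved from url" Mark-of-the-Web comment. The digests are the ones from the report; the PE and HTML byte strings are constructed for the demonstration and are not the 4nlwxAqL sample. The Zone.Identifier helper assumes an NTFS volume and simply reports None elsewhere.

```python
"""Triage helpers for this report: hash matching, UPX check, Mark-of-the-Web check.

Added example, not code from the report or from Triage. Hash values below are
copied from the report; the sample bytes are constructed for the demo and are
NOT the real 4nlwxAqL file.
"""
import hashlib
import re
from pathlib import Path

# Digests from the report's General section, keyed by hashlib algorithm name.
REPORT_HASHES = {
    "md5": "cb8b4bf926403a1c5d453ffd601fe11d",
    "sha1": "badb434a545269ea8d4eccc2d7545df5de4adcbf",
    "sha256": "fc7f68ca9005f52565f592e6232b330bdc53adc21e627adb2ba9a72155a7984f",
    "sha512": "48d24993ce25051c7a1ec16e43b27931544670591cc63748800f81cc7813cb07"
              "0bb56f493b4a736bb435a8a2c4a85c998e2d5e0884eb63d716f08ed660fde820",
}

# Constructed inputs (not the real sample): a minimal fake UPX-packed PE image
# and a page saved by a browser, which carries the MOTW comment.
FAKE_UPX_PE = (b"MZ" + b"\x00" * 62 + b"PE\x00\x00"
               + b"UPX0\x00\x00\x00\x00" + b"UPX1\x00\x00\x00\x00"
               + b"UPX!" + b"\x00" * 16)
FAKE_SAVED_HTML = (b"<!DOCTYPE html>\n"
                   b"<!-- saved from url=(0014)about:internet -->\n"
                   b"<html><body>demo</body></html>\n")


def hash_bytes(data: bytes) -> dict:
    """Return md5/sha1/sha256/sha512 hex digests, same keys as REPORT_HASHES."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in REPORT_HASHES}


def matches_report(data: bytes, report: dict = REPORT_HASHES) -> dict:
    """Per-algorithm comparison against the report. Compare all four: a file
    that matches MD5 but not SHA256 is a collision or a typo, not the sample."""
    actual = hash_bytes(data)
    return {algo: actual[algo] == expected for algo, expected in report.items()}


def looks_upx_packed(data: bytes) -> bool:
    """Heuristic mirroring the 'UPX packed file' signature: a PE ('MZ') image
    containing UPX0/UPX1/UPX2 section names or the 'UPX!' marker the stub
    writes. Modified UPX builds often rename both, so False is not proof of an
    unpacked binary; it only rules out the stock packer."""
    if not data.startswith(b"MZ"):
        return False
    return b"UPX!" in data or re.search(rb"UPX[0-9]\x00", data) is not None


# Browsers write this comment at the top of a saved page; Internet Explorer
# and the Windows shell treat it as the page's Mark of the Web.
MOTW_COMMENT_RE = re.compile(rb"<!--\s*saved from url=\(\d{4}\)(\S+?)\s*-->",
                             re.IGNORECASE)


def motw_marker(data: bytes):
    """Return the saved-from URL if the HTML MOTW comment is present in the
    first 4 KiB, else None."""
    m = MOTW_COMMENT_RE.search(data[:4096])
    return m.group(1).decode("ascii", "replace") if m else None


def zone_identifier(path):
    """Read the NTFS Zone.Identifier alternate data stream that marks a
    downloaded file (the other form of Mark of the Web). Assumption: NTFS on
    Windows; on any other filesystem the stream cannot be opened and this
    returns None."""
    try:
        return Path(str(path) + ":Zone.Identifier").read_text(errors="replace")
    except OSError:
        return None


def triage(data: bytes) -> dict:
    """Run every check once and return a flat summary for a file's bytes."""
    return {
        "size": len(data),
        "is_reported_sample": all(matches_report(data).values()),
        "upx_packed": looks_upx_packed(data),
        "motw_saved_from": motw_marker(data),
    }


if __name__ == "__main__":
    for name, blob in (("fake_upx_pe", FAKE_UPX_PE), ("fake_saved_html", FAKE_SAVED_HTML)):
        print(name, triage(blob))
```

Point `triage()` at the real file's bytes (for example `Path(p).read_bytes()`) to confirm you are holding the reported sample before spending time on it; the constructed blobs only exercise the UPX and MOTW paths and will never match the report's digests.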

MITRE ATT&CK Enterprise v15

Tasks