General

  • Target

    sample

  • Size

    66KB

  • Sample

    241109-zzv1qasdqd

  • MD5

    01fcc17f03ee8949b90a183f37499f3d

  • SHA1

    b8d2f39c1210d57c2cccb2da6b450a8171733714

  • SHA256

    60cc8d99987dfc530584a598fdd63c2a92c524876c859d86cc3dce262f7e42be

  • SHA512

    0625ab372738f098ac0eb660149004e95a50c477e3dc896518df4fa56f1998c9678e938534059c8fa5e536306d40cb32d65792029d62a93988623acae01b4cc9

  • SSDEEP

    1536:S69UFLCCwNieu/behNFZuSuWtWWx/qWoH1SSEc2jWSNqkpAII6ZsnJVrz5aeuf7b:d9UFLhwsCqWoH1SSEc2jWSNqkpAII6Z5

Targets

    • Downloads MZ/PE file

    • A potential corporate email address has been identified in the URL: currency-file@1

    • Executes dropped EXE

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Mark of the Web detected: This indicates that the page was originally saved or cloned.
