General

  • Target

    test.exe

  • Size

    29KB

  • Sample

    241110-w3qzdssfma

  • MD5

    9f9b43c927f4b384348f36e4707afc71

  • SHA1

    e4ff4768f4cb75d97185c2249bad52d554dbfd4c

  • SHA256

    ac3d9110d34aeb30df4b0f8b5fade5512b097135d717837dfb50427940cdddc3

  • SHA512

    5d0680a95b03762a62aa9579d67c1d927a021ad63eb7836e00fbeb5ab6ada0ee3c7801228b5bca7017d718bdc1a335785c5c8d5955677cdc56f0f7c94f48ff75

  • SSDEEP

    768:7vH7XycwVL/LYI+1Lv8RX8LYIaLYI5LY5TD4IEVM/:THjwVL/LYI+1Lv8RX8LYIaLYI5LY5TD5

Score
10/10

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
exe.dropper

https://bin.homebots.io/f/86590cf0-ce48-483b-bd0f-160db32a386c/1889464b-428c-4dc4-9c01-19ce05d86f8f

Targets

    • Target

      test.exe

    Score
    10/10
    • Blocklisted process makes network request

    • Executes dropped EXE

    • Command and Scripting Interpreter: PowerShell

      Using powershell.exe command.

MITRE ATT&CK Enterprise v15