caa2b71e65aecfaebef638d92ff3f59a6669eb0032dcd760167772e6230150a6

Resubmissions

21-11-2024 05:27

241121-f5k8xsydrc 10

21-11-2024 05:25

241121-f4n87azdml 10

21-11-2024 05:20

241121-f1m7qatmbq 10

21-11-2024 05:18

241121-fy9ypstmar 10

Sharing

Copy URL

Twitter E-mail

General

Target

run.txt
Size

643B
Sample

241121-f1m7qatmbq
MD5

ce59d2b172748a12fd462a9aa9e0bbcc
SHA1

8fd4a148b78988e34b8f90cd8c04cde91d49577d
SHA256

caa2b71e65aecfaebef638d92ff3f59a6669eb0032dcd760167772e6230150a6
SHA512

2aa4ca0b5110a627f880736ab0c563e91302e0ebc98359d6271abc0133636c4f3db2c2ee2ecdd6c8e6e21ce0fdeac3a1ff934970b7eecc6c6fd62f2814d16543

Score

10^/10

discovery execution

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

exe.dropper

https://encryptedzip.oss-ap-southeast-1.aliyuncs.com/run.zip

Targets

- Target
  
  run.txt
- Size
  
  643B
- MD5
  
  ce59d2b172748a12fd462a9aa9e0bbcc
- SHA1
  
  8fd4a148b78988e34b8f90cd8c04cde91d49577d
- SHA256
  
  caa2b71e65aecfaebef638d92ff3f59a6669eb0032dcd760167772e6230150a6
- SHA512
  
  2aa4ca0b5110a627f880736ab0c563e91302e0ebc98359d6271abc0133636c4f3db2c2ee2ecdd6c8e6e21ce0fdeac3a1ff934970b7eecc6c6fd62f2814d16543
Score

8^/10

execution discovery
- Blocklisted process makes network request
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

PowerShell

T1059.001

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Blocklisted process makes network request

Executes dropped EXE

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2