e06c490758709eff468df8f8afda86b8411758fd93ee16e14e6153de5ee933e2 | Triage

Sharing

General

Target

IAS.cmd
Size

31KB
Sample

241121-kstrravnbl
MD5

e2e2b6fb84ed23b2950f26939c36fdf5
SHA1

7988b5c71397db6fc4a611a54f7d5622eef73f40
SHA256

e06c490758709eff468df8f8afda86b8411758fd93ee16e14e6153de5ee933e2
SHA512

70a14feca5efc2e699ab9f190fd508cf5aab0daa5c8447ac06f7da0b1cb32bd1781b5fa91440483b2fb4eac10ebd611b28e582ee364d2681bb131eee1fb9aeaf
SSDEEP

384:mNnhCo3piIUTUq5rrQmJbnl7+qK14TEJYab:mNn/ZiBAq5rrQmFl7G4gJYab

Score

6^/10

discovery execution

Malware Config

Targets

- Target
  
  IAS.cmd
- Size
  
  31KB
- MD5
  
  e2e2b6fb84ed23b2950f26939c36fdf5
- SHA1
  
  7988b5c71397db6fc4a611a54f7d5622eef73f40
- SHA256
  
  e06c490758709eff468df8f8afda86b8411758fd93ee16e14e6153de5ee933e2
- SHA512
  
  70a14feca5efc2e699ab9f190fd508cf5aab0daa5c8447ac06f7da0b1cb32bd1781b5fa91440483b2fb4eac10ebd611b28e582ee364d2681bb131eee1fb9aeaf
- SSDEEP
  
  384:mNnhCo3piIUTUq5rrQmJbnl7+qK14TEJYab:mNn/ZiBAq5rrQmFl7G4gJYab
Score

6^/10

discovery execution
- Command and Scripting Interpreter: PowerShell
  Using powershell.exe command.
  execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Remote System Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryexecution

behavioral2

discoveryexecution