510e2f0999c2d7381fc22ee4c4bf72e0ab1bbe779e01a81095690b1bdc633ece | Triage

Sharing

General

Target

510e2f0999c2d7381fc22ee4c4bf72e0ab1bbe779e01a81095690b1bdc633ece.exe
Size

1.0MB
Sample

241121-mb5h2awjbp
MD5

4b3b813bb2357edd39d710c708ff1223
SHA1

beec5f0c7fe9fe6c3f6e7de7c77ccecc06199e82
SHA256

510e2f0999c2d7381fc22ee4c4bf72e0ab1bbe779e01a81095690b1bdc633ece
SHA512

55f5ff5d974ac0aa9463fa6019e57e7600648d6cc614a28df75b771491c902d64491d5682e559c0fe893e382fe8673dec15da57d46968b172026067ccfb0d1f9
SSDEEP

24576:UrORE29TTVx8aBRd1h1orq+GWE0Jc5bDTj1Vyv9Tva14p8:U2EYTb8atv1orq+pEiSDTj1VyvBa17

Score

8^/10

execution

Malware Config

Targets

- Target
  
  510e2f0999c2d7381fc22ee4c4bf72e0ab1bbe779e01a81095690b1bdc633ece.exe
- Size
  
  1.0MB
- MD5
  
  4b3b813bb2357edd39d710c708ff1223
- SHA1
  
  beec5f0c7fe9fe6c3f6e7de7c77ccecc06199e82
- SHA256
  
  510e2f0999c2d7381fc22ee4c4bf72e0ab1bbe779e01a81095690b1bdc633ece
- SHA512
  
  55f5ff5d974ac0aa9463fa6019e57e7600648d6cc614a28df75b771491c902d64491d5682e559c0fe893e382fe8673dec15da57d46968b172026067ccfb0d1f9
- SSDEEP
  
  24576:UrORE29TTVx8aBRd1h1orq+GWE0Jc5bDTj1Vyv9Tva14p8:U2EYTb8atv1orq+pEiSDTj1VyvBa17
Score

8^/10

execution
- Blocklisted process makes network request
- Command and Scripting Interpreter: PowerShell
  Powershell Invoke Web Request.
  execution
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2