General

  • Target

    b10d4465157273d3b106ed97b74147ddb35efb344cbd843e54f16391caae51e0

  • Size

    77KB

  • Sample

    241122-cr4xbssmbz

  • MD5

    72bf256119b652762d7f57f3873cfcd0

  • SHA1

    1998cd15554674254453b9d1bad3f7e8c9bea5cc

  • SHA256

    b10d4465157273d3b106ed97b74147ddb35efb344cbd843e54f16391caae51e0

  • SHA512

    e38444218e794249b11088bc3b39ffd3a0ddde0c9779505409e407a41f18b14da15f906aceafb864c267303bc5ef08ee5aa45453acdf762a71b60f9b8f19d481

  • SSDEEP

    768:Uoo2oooogG7oXoooo7ooQoooDoooooIoo4pJcaUitGAlmrJpmxlzC+w99NB33yhk:TptJlmrJpmxlRw99NBnyA1dfafKI+j

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
exe.dropper

http://djtosh.co.za/rrp

exe.dropper

http://virginie.exstyle.fr/a

exe.dropper

http://projettv.baudtanette.fr/FZ00c23Z

exe.dropper

http://mujerproductivaradio.jacquelinezorrilla.com/O

exe.dropper

http://esinvestmentinc.ezitsolutions.net/UIf

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • An obfuscated cmd.exe command-line is typically used to evade detection.