General
Target: nj230708full.pdf.exe
Size: 2.6MB
Sample: 241216-lw48bsvpfy
MD5: bd216fdea8517b5beb003e0ac03f536e
SHA1: a3f3d4395b74da605bb1e068c846ccb531213f38
SHA256: e96a0c1bc5f720d7f0a53f72e5bb424163c943c24a437b1065957a79f5872675
SHA512: 57dadcbd826b9d2cd99e82d1ba5ada998219378d9c1782388de06c9a2dddc754ec32ca89682cc56e5f38dd55e1a57ce5bd5cb2482ba655ecbbd76206f353d694
SSDEEP: 49152:ztJyfM3mq+li7JeXVn2GljPUXSrVFADPtMieH5nqwTs8X3jkXcMt:JUKmzi7Je4GljPUCrzAiieZq8IX3t
Static task
static1
Malware Config
Targets
- Asyncrat family
- StormKitty payload
- Stormkitty family
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Drops startup file
- Executes dropped EXE
- Enumerates processes with tasklist
MITRE ATT&CK Enterprise v15
Execution
Command and Scripting Interpreter (1)
JavaScript (1)
Scheduled Task/Job (1)
Scheduled Task (1)