4f0415e0a2fe049677c90258ef7e9578a91710f5eaa1ec60f08c0088db98746e | Triage

Sharing

General

Target

551618458ef8ffd1cf47b03230a8d9acb1df1e1894a10bc60c409e91a2d1a1ea
Size

40KB
Sample

241221-r11zcs1pfj
MD5

6730bc5699b534d6e470db781c09e576
SHA1

05110f28bc1b46c05e0e00cdb21136b4579102de
SHA256

4f0415e0a2fe049677c90258ef7e9578a91710f5eaa1ec60f08c0088db98746e
SHA512

17c4812219972f5ce441503ee003540dd2325ea192d9a5ba1a61a033db874b15585da6947d4ef4e5a7b5cca6dbd583560a85327ff8a4ec701652e0afab7ede13
SSDEEP

768:obS2noJhcN/bOQZ443RXPy2Oh353DMoKn0IScWyWa93qATSH:WS2noKDv4WEp3DMoMSNyfcATo

Score

10^/10

execution

Malware Config

Targets

- Target
  
  551618458ef8ffd1cf47b03230a8d9acb1df1e1894a10bc60c409e91a2d1a1ea
- Size
  
  174KB
- MD5
  
  3c071371480142e3f05df92e69c5174b
- SHA1
  
  a4932a18e3d353c76fd88b422eabeda60baa3fc4
- SHA256
  
  551618458ef8ffd1cf47b03230a8d9acb1df1e1894a10bc60c409e91a2d1a1ea
- SHA512
  
  2244b89674b795b76ddf0ce7d1d43aaa715167731ce6aa446d8300b074a488b4875b68359156597ce556937cdd7eac647acfd1cd9968125508e320f8cf43ea5f
- SSDEEP
  
  1536:nwVreHc0n2iNVEzUdF0YOGJzhBWOjoHc0n2iNVEzUdFvOGJzhBWOjDOGJzhBWOji:n60ft8GX0ftbD8bl0ftu00ft/
Score

10^/10

execution
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2