General

  • Target

    6f21423518630c933097530dd6c1927464be1165d6aa2c6afc0e669311522902

  • Size

    38KB

  • Sample

    241221-sagcps1ral

  • MD5

    203008c5e4ffce456a1cf73afb4c9e8e

  • SHA1

    6d368f1e95d7e01b1798e15bc43ef99e0413370f

  • SHA256

    53ecccbf66733e8412af3bb660d9bd8ba9a12591dc4d8a04b6337c66eeb91dc6

  • SHA512

    717406690db8066d5d0b1a7e1630f157d68bd68c3b1864aaa20b7a04ff90113c2082cb299666fc6d26c7865e50191b1724fedf3af6128bd47993a16a2331d36a

  • SSDEEP

    768:SKAaezKJCMBh1uNmozKfvA1Ivr+oSB1haVUSIlf7Zoc30cLT22222222J:5Aa2mMNsA1Iw7haV07N9Lt

Score: 10/10

Targets

    • Target

      6f21423518630c933097530dd6c1927464be1165d6aa2c6afc0e669311522902

    • Size

      161KB

    • MD5

      9b00d7834b5765e9f4abadf7157a4a44

    • SHA1

      4baa4efc8f3ee91616b8789d7395aa160eeff656

    • SHA256

      6f21423518630c933097530dd6c1927464be1165d6aa2c6afc0e669311522902

    • SHA512

      5b7283180511950e039c3745d641cd307a8c59310073a08ec749b8bb566e7acd4aa09f20ea5f91c7a550bc303e0a7d15d25e6a9263d754c0dc38dc0c0bc037d1

    • SSDEEP

      1536:nwhup+uA4hs3qk2EcsdminklgHXbfHSdDTA4hs3qk24csdminklgHXbfHSdDscst:nKuyKsnjramQsnjraNsnjra2TL

    Score: 10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request
