General

  • Target

    f392b38ec84a5b755647944405efdd102dd270f3390dab66e5c647f892e1c170

  • Size

    40KB

  • Sample

    241221-sagcps1ram

  • MD5

    8b7d4c02b8fdf4314b45a042dd2559ae

  • SHA1

    c42a46e07470697fb1dba448b45a731e077f05ab

  • SHA256

    a991bca4671c6e3901845f12a88e2b8068b4942a22e794e2e66126687686e7de

  • SHA512

    1fd234b3b43bc93b7d020c270e0368afa6427c41f2ffc354b70a6760fc376fb89b62da90e82aa5e49e6fd2e2638cda9f2d33add107852f9b0cd3bb47e4a5269a

  • SSDEEP

    768:ubWRRL2xxkl6xI8JIhXRWoUq17W/bw2f24msKulze6C+zukZkM1F48Oa4L:ubfSwIvcof17Wk24OzuqpZkM1FYL

Score
10/10

Targets

    • Target

      f392b38ec84a5b755647944405efdd102dd270f3390dab66e5c647f892e1c170

    • Size

      173KB

    • MD5

      a85db1311ff98b2c5a37c318e0b17518

    • SHA1

      4e9e0c84f88c0d0f3302aa315ab08fbf12f6fa69

    • SHA256

      f392b38ec84a5b755647944405efdd102dd270f3390dab66e5c647f892e1c170

    • SHA512

      5955d601125bb4afac3d980a302eb3dcfaa791481eb2db6ea488cd43108c420b5da51f7530a7329146e6912f06a466e6640cbc01e8bdebb7d760f4d8d08fb665

    • SSDEEP

      1536:nw8xskZw87t6FcH7xcWgWEioo4rWMT+87t6FcH7xcWgWEioo4rWMTEWgWEioo4ri:nDFww7mRi09qw7ORi09QRi09aw77w7Z

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request
