3f543ec61b638e67279d59d868758c669f8d135db81a2d269bce00ac84a3ea22 | Triage

Sharing

General

Target

45993588c924a2a7f81a3768576c591204fbda2ab851adb3201012f25a8818c5
Size

44KB
Sample

241221-sanf1s1ran
MD5

17e75f4bbce92296dfa65eb16c863533
SHA1

3f126bac04dce186e7ae1e3894b97b73a2f7a073
SHA256

3f543ec61b638e67279d59d868758c669f8d135db81a2d269bce00ac84a3ea22
SHA512

8d37b92b8fe729b753681883e6c1f548f1575fdc875a65c438f263b0a9736a2a0f8f560e26baa9e53f4ab7cb9e0273604311f8d3c8bbea2272a547d26bafefaf
SSDEEP

768:Pab4ybcVmIQnq4M4mEic8DpSwcxf1tZlxj8Ub611AcArNn2Jeyl2wXFqzE0P0:SCrQLM3jc8DpSfbnTi4NubX4x0

Score

10^/10

execution

Malware Config

Targets

- Target
  
  45993588c924a2a7f81a3768576c591204fbda2ab851adb3201012f25a8818c5
- Size
  
  189KB
- MD5
  
  cc8f13bc0f74a0baf3cc23853b48d60e
- SHA1
  
  a5fa26c9a781d591ad8283d8c0a079f49d1a9221
- SHA256
  
  45993588c924a2a7f81a3768576c591204fbda2ab851adb3201012f25a8818c5
- SHA512
  
  35730ec8fa0f5413fd4ba3e30eaa8854f41507f1f0f9221035dd8ccb88d541b3606fe23cd118037f05fb067bab203f75ac8e657c3e4c2c31f013507de8a26321
- SSDEEP
  
  3072:n+WQYnd7Dfa/WQHd7Dfatd7DfaXWQ9WQB:+h+Nfa/hHNfatNfaXh9hB
Score

10^/10

execution
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2