f0a06049bf23f9b0b9957ba7c4f5d085fe7edeb89624e28d5bfeee5a2f10cae1 | Triage

Sharing

General

Target

11b569a0266b290d8af3e17f6d51dee700d593b7a338c1800c4d0403ad9000be
Size

49KB
Sample

241221-scksxa1pdy
MD5

9e187b87c2f48b38bb7b30c863a63725
SHA1

901a8b9b05fbd294a743660c6e661ea0488fb84f
SHA256

f0a06049bf23f9b0b9957ba7c4f5d085fe7edeb89624e28d5bfeee5a2f10cae1
SHA512

15a32caf82609d63b7e793d78ad96b2da61a51ab525a19ae3b1c9824d6a13860da49327f87bedb2801032d956a38062f6476f44fafb347e702c0f6060e669b0d
SSDEEP

768:12dspeggz7EjM3dDTgcLzKSZJSgKkBubxB7crUeCa4KXGhcuu8XtpClbleavhJ:UqkTCaW+/ZEgKk8f7RaVjejeb/

Score

10^/10

execution

Malware Config

Targets

- Target
  
  11b569a0266b290d8af3e17f6d51dee700d593b7a338c1800c4d0403ad9000be
- Size
  
  215KB
- MD5
  
  426eec9f07878c4590c5ff8bb81ffe86
- SHA1
  
  510bd4a707e0e7ea830a41c253bf7f08677a53fd
- SHA256
  
  11b569a0266b290d8af3e17f6d51dee700d593b7a338c1800c4d0403ad9000be
- SHA512
  
  e72349f724e52d01d30af3c9b3f68a1a37075a87e59812481362236551fe2de438ec4b43256606800f2caf51fd3344eecf3f0423b5642989783bcddaeeb64695
- SSDEEP
  
  3072:nGLf+ClhBKrlMLf+ClhBKr35iLf+ClhBKrtLf+ClhBKrF:qfJ93fJ9DfJ9SfJ9+
Score

10^/10

execution
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2