d34c29ddf7e9934493f2dd0a0e34db1461cba30e14a9efd6499999e35a489e63 | Triage

Sharing

General

Target

bf8ec05ef9c5ae6cb11885fe7e2df6b59cd79b6c30449addb510d19e90041534
Size

42KB
Sample

241221-sdaz4a1pew
MD5

4e731ab9325d32f0073a6cab7d7659bf
SHA1

705a8611b18da3f607165fb7c315759acddd29a1
SHA256

d34c29ddf7e9934493f2dd0a0e34db1461cba30e14a9efd6499999e35a489e63
SHA512

df8c17616f4347efd545273d36bd718ed644a55c2693712e705dc991b1974cb3fba02f82034cb9df03e84896239da86fa9326daf7fea93a7f1cd1c70af955f59
SSDEEP

768:vNFh59ShN9gBkcLJEBPHOwx3aeaQ9KgRclqz+1k5cXy5rUy25E:1FhChNHcLJEVBx+N83zK8Y0Ut5E

Score

10^/10

execution

Malware Config

Targets

- Target
  
  bf8ec05ef9c5ae6cb11885fe7e2df6b59cd79b6c30449addb510d19e90041534
- Size
  
  184KB
- MD5
  
  482d2df6a3e4ab4cfbe73a0d12f9a2a0
- SHA1
  
  3d06c2cee3a451dba61ee0ab494facf995dfdf2c
- SHA256
  
  bf8ec05ef9c5ae6cb11885fe7e2df6b59cd79b6c30449addb510d19e90041534
- SHA512
  
  c0ddf3f8201951e47c428d76c289a124564119a39fbd28d99086360c63e31653683a8e4105cd56c6a90cd1e1fe9db799c865273750fe7f02324ed9bee7b0a472
- SSDEEP
  
  1536:nwiVg5a1uW3SQ9QSZov87dhOc3Au3SQ9QSZovo7dhOc3A47dhOc3At3SQ9QSZov3:n31OvTvcvjvb
Score

10^/10

execution
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2