1702d8e12c708bc3943cf8b91a92231dc930ca352473eb58c6c6e5c765d336bd | Triage

Sharing

General

Target

25510bdddf3f75e21fe55d6450272ee749565fc63f27304c1e3b2146294ffb07
Size

65KB
Sample

241221-shavws1qby
MD5

cf523828139e67d80bcd74b43125b78d
SHA1

ef1bdbd7204d3961fffccd06c6968bed7039a485
SHA256

1702d8e12c708bc3943cf8b91a92231dc930ca352473eb58c6c6e5c765d336bd
SHA512

fa8911fbf3f64db1febe2efa428c3ff00ef193e65e567194a53ba85d963aa04f5985270938861c6f2e0566241d7c5d3bbf6ae03bc092906e0b0de02703d4f52a
SSDEEP

1536:k7fIvDP5PJmDZlw4PJ3nUZg+17JjXlGi7NsVW1TvTfP3hFoKYWSyn:GgvDP543JPVUZg+RJjoiZOYTjPxFoKYg

Score

10^/10

execution

Malware Config

Targets

- Target
  
  25510bdddf3f75e21fe55d6450272ee749565fc63f27304c1e3b2146294ffb07
- Size
  
  244KB
- MD5
  
  6c9cc554a6c6ed63bf7a7131ea756541
- SHA1
  
  0babfb19c3a3a6a71e2c9376bcda91b600d74a46
- SHA256
  
  25510bdddf3f75e21fe55d6450272ee749565fc63f27304c1e3b2146294ffb07
- SHA512
  
  c5b98ad60d9b45bfa9183e555a9f35e92bb0ac9ea16082dbc9862e5cb5fbe475a1ddb68f13ebf03c907e314155679e5c2e3e3c173683934b31b337cbc0fe7341
- SSDEEP
  
  1536:nw8sTaRGr/kJtcTDyrQx3jCMABOSER+HGr/kJtcTD7rQx3jCMABOSER+RrQx3jCz:nILotEoaPVoKoU
Score

10^/10

execution
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2