58b526d0baeda69960edcb9ee04268c43929a83793b482d1407614610f77d318 | Triage

Sharing

General

Target

cb18ea9bd1276d8692900fe139ee0dd9aaff882a4b66dc883f4739b9046ede7b
Size

46KB
Sample

241221-sn9ams1rbx
MD5

d12d6ae4eee90896acd96defa362ccb6
SHA1

7d794ad6c249faebf3e742297fff25023182d59b
SHA256

58b526d0baeda69960edcb9ee04268c43929a83793b482d1407614610f77d318
SHA512

a134c0009302de505b089f4a2490955532500f7639ec481a72df09c4391efff5c610a21b2ae332980633cd0f41b32e21497f6a66fbc16e12b8ef9c0157cea420
SSDEEP

768:186bUVmtPfFMUX/2cEuHsi5lJl7bkwardv0mny9D+tgHHa527M8DvSoWVBu2P:mqPfWOODuXlJlsw2dMhpzV7MsWTuq

Score

10^/10

execution

Malware Config

Targets

- Target
  
  cb18ea9bd1276d8692900fe139ee0dd9aaff882a4b66dc883f4739b9046ede7b
- Size
  
  201KB
- MD5
  
  c71db149c7c1b853f4c0479019433510
- SHA1
  
  e11559374b388818531f0f603acd4513ae398b7b
- SHA256
  
  cb18ea9bd1276d8692900fe139ee0dd9aaff882a4b66dc883f4739b9046ede7b
- SHA512
  
  b87fec34c9f7748d8bf54194fb47108772a94c4fc180f90f8f67591464163c2dc88d9a71cb756a6e7503422960c38359d1d13630c6e30ce861b78da4e11f2379
- SSDEEP
  
  1536:nwpXxvpKC/UoNm+pflcKSjue/9j7jk1wt3PSQ/KKC/UoNm+pfQcKSjue/9j7jk1H:n2csBrf9m+csBmf9m/f9mRcsBWcsBK
Score

10^/10

execution
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2