General

  • Target: 176.113.115_1.225.ps1
  • Size: 110KB
  • Sample: 250127-sbkfratnbs
  • MD5: f486c8bc397b52fc7646a5e8b96bb550
  • SHA1: 034be8ab6213ec59c850b76dfaaf23e6a0eb5b12
  • SHA256: eb3dcd88e0145312a0722fca50f46270369271d99aadf16be24b414adf037e32
  • SHA512: cbd47d010a20cea006bc7e48a05c8e35ab140a805d156fb2e2fe0d3c66651f5ab1b864c6b25cf419477d3ee84619fd8fb8f1725810938623208582a9b403b93d
  • SSDEEP: 3072:ZcUKZ20H5qt7ABLmYOlba6c5GdOa7MQrq3v0ayW3sfc4xDAmMz/zlZVdtj0Qq5+s:ZcB20H5qt7ABLmYOlba6c5GdOa7MQrqU

Malware Config

Targets

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks