Overview

overview

7

Static

static

2nd PO389733.exe

windows7_x64

7

2nd PO389733.exe

windows10_x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2nd PO389733.exe

  • Size

    351KB

  • Sample

    200630-jjf9hn2yws

  • MD5

    e4df03f1fc29eb4fc32a0801b26ce6ed

  • SHA1

    1c487bae47d8f81ab5b2f851ace41b3520e0e77e

  • SHA256

    ece024ccd4accbc99e106f03c4b4764765b37615e3caa0b021084ac5f689cc3e

  • SHA512

    f89812a4a5ed11d10c6880e34a2bd34a6f0f96b929fd1bcf3790227505c256abd17ea5f3411529aab9db0c850b3449adcb2399541c52cb3856ebc9800e15f179

Score
7/10

Malware Config

Targets

    • Target

      2nd PO389733.exe

    • Size

      351KB

    • MD5

      e4df03f1fc29eb4fc32a0801b26ce6ed

    • SHA1

      1c487bae47d8f81ab5b2f851ace41b3520e0e77e

    • SHA256

      ece024ccd4accbc99e106f03c4b4764765b37615e3caa0b021084ac5f689cc3e

    • SHA512

      f89812a4a5ed11d10c6880e34a2bd34a6f0f96b929fd1bcf3790227505c256abd17ea5f3411529aab9db0c850b3449adcb2399541c52cb3856ebc9800e15f179

    Score
    7/10

    • Uses the VBS compiler for execution

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scripting

1
T1064

Persistence

Privilege Escalation

Defense Evasion

Scripting

1
T1064

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks