ups_invoice3105183.doc

General
Target

ups_invoice3105183.doc

Size

282KB

Sample

191211-xasqnnchds

Score
10 /10
MD5

48b57693d5b1647b3f7fc5b45c0a8213

SHA1

5e2f6df0dde7caf8163921da45bf773db8514645

SHA256

0346971c0cf96bb3b143aea0e307f2d94af8a18474cc8e50dab4bcad965d2aa6

SHA512

1b2cbb36a74259c2d3566ab83c10380d07bc2586e6d0e07101b51104000e25ee3f09420ed261674154d08a612348da5b22962e26a04a16dba62f6ea1c2d9643f

Malware Config

Extracted

Language ps1
Source
URLs
exe.dropper

http://corp4.site/cVIka.dat

exe.dropper

http://corp4.site/vben.dat

exe.dropper

http://corp4.site/LugVP.dat

Targets
Target

ups_invoice3105183.doc

MD5

48b57693d5b1647b3f7fc5b45c0a8213

Filesize

282KB

Score
10 /10
SHA1

5e2f6df0dde7caf8163921da45bf773db8514645

SHA256

0346971c0cf96bb3b143aea0e307f2d94af8a18474cc8e50dab4bcad965d2aa6

SHA512

1b2cbb36a74259c2d3566ab83c10380d07bc2586e6d0e07101b51104000e25ee3f09420ed261674154d08a612348da5b22962e26a04a16dba62f6ea1c2d9643f

Tags

Related Tasks

MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Execution
          Exfiltration
            Impact
              Initial Access
                Lateral Movement
                  Persistence
                    Privilege Escalation