General

  • Target

    e8ca6c66c79cca9404a9f6a6920ff02010dc799435381a97fd5c57cf0c3abb41

  • Size

    161KB

  • Sample

    191223-a9bh18zn8a

  • MD5

    4b3c7c2d6627b2a8dce9f1c50e08e144

  • SHA1

    2329e62f3a54120036e86313f6f42c1a8a2b1513

  • SHA256

    e8ca6c66c79cca9404a9f6a6920ff02010dc799435381a97fd5c57cf0c3abb41

  • SHA512

    98bc5a5710bda76740e77f099da7bc69246ffce73fa4f251d6e66876a126793ff3db97aacee0ef24a78e7b26fc54d964c45daa5527cd704b06dce77b96e06992

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

http://xoso.thememanga.com/wp-admin/rqr/

exe.dropper

http://nuochoakichduc.info/wp-admin/HbS7j/

exe.dropper

http://nhasachthanhduy.com/master.class/zrJd/

exe.dropper

http://saphonzee.com/wp-includes/WdGrn8/

exe.dropper

https://tripaxi.com/All/Og86/

Targets

    Score
    10/10
    • Process spawned unexpected child process

MITRE ATT&CK Matrix ATT&CK v6

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Tasks