General

  • Target

    Malware Samples(2).zip

  • Size

    11.3MB

  • Sample

    200101-1dghyjegsn

  • MD5

    40cb422a49bfa7ae143156f73dba4149

  • SHA1

    6d97ee9291d0b9ad64e2c8da30c945dfa706809d

  • SHA256

    560d99887286ea550542c684b208ab356394e22d45571c64765653543fbf1dd3

  • SHA512

    88f6fddb6f39766fad335cf19f3a0ad364b8938a1d8714b5a7bb5a01fe1473292d66730211e530d34f0350fb2ea3ffb202fe63635e6e3147fef50d7667d5efa4

Score
10/10

Malware Config

Extracted

  • Language

    ps1

  • Source URLs

    exe.dropper  https://lilikhendarwati.com/wp-admin/JbdTQoQQ/
    exe.dropper  http://www.zhangboo.com/wp-admin/lwhcvV/
    exe.dropper  http://test.windsorheatingandair.com/wp-includes/r9lv-4teq5ff-8759846140/
    exe.dropper  https://www.jackiejill.com/wp-includes/yiqr4r6a-dwt7s0u-26965878/
    exe.dropper  http://apolina.pl/engl/1tuh6ul-gakf89-994/
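The extracted config above is the part of this report that turns into detection work: a PowerShell (ps1) stage that carries a list of exe.dropper URLs on compromised WordPress sites, one of which is fetched to get the next payload. The following is an added example, not part of the sandbox report and not the dropper's own code. It parses the config exactly as the report lists it (a type token followed by a URL, in either one-line or two-line layout), splits each URL into a host and an exact-URL indicator, defangs them for sharing, and runs them over a few constructed proxy log lines. The log format (timestamp, client, method, URL, status) and the sample traffic are assumptions made for the example.

```python
"""Turn the extracted dropper config into IOCs and match them against proxy logs.

Added example; it is not the report's code and not the dropper's code.
The config text is copied from the report; the log lines are constructed.
"""
import re
from urllib.parse import urlsplit

# Copy of the report's extracted config.  The parser below tolerates both the
# "type URL" one-line form and the type-on-one-line / URL-on-the-next form.
EXTRACTED_CONFIG = """\
Language ps1
Source URLs
exe.dropper  https://lilikhendarwati.com/wp-admin/JbdTQoQQ/
exe.dropper  http://www.zhangboo.com/wp-admin/lwhcvV/
exe.dropper  http://test.windsorheatingandair.com/wp-includes/r9lv-4teq5ff-8759846140/
exe.dropper  https://www.jackiejill.com/wp-includes/yiqr4r6a-dwt7s0u-26965878/
exe.dropper  http://apolina.pl/engl/1tuh6ul-gakf89-994/
"""


def parse_config(text):
    """Return [(type, url)] pairs: a token ending in '.dropper' followed by a URL."""
    tokens = text.split()
    pairs = []
    for i, tok in enumerate(tokens[:-1]):
        if tok.endswith(".dropper") and "://" in tokens[i + 1]:
            pairs.append((tok, tokens[i + 1]))
    return pairs


def defang(url):
    """hxxp[s]://host[.]tld/path so the indicator cannot be clicked by accident."""
    scheme, rest = url.split("://", 1)
    host, _, path = rest.partition("/")
    return f"{scheme.replace('http', 'hxxp')}://{host.replace('.', '[.]')}/{path}"


def iocs(pairs):
    """Split URLs into the two indicators you would deploy.

    The path on a compromised site rotates between campaigns, so the host is the
    durable indicator; the full URL is the high-confidence one.
    """
    out = {"hosts": set(), "urls": set()}
    for _, url in pairs:
        out["hosts"].add((urlsplit(url).hostname or "").lower())
        out["urls"].add(url)
    return out


# Assumed log layout: "<timestamp> <client-ip> <method> <url> <status>".
LOG_LINE = re.compile(
    r"^(?P<ts>\S+) (?P<client>\S+) (?P<method>\S+) (?P<url>\S+) (?P<status>\d{3})$"
)


def match_logs(lines, ind):
    """Return (client, url, reason) for each line touching a known URL or host.

    An exact URL match outranks a host match; a request to the same host with a
    different scheme or path still fires on the host indicator.  Unparseable
    lines are skipped rather than raising.
    """
    hits = []
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue
        url = m.group("url")
        host = (urlsplit(url).hostname or "").lower()
        if url in ind["urls"]:
            hits.append((m.group("client"), url, "exact dropper URL"))
        elif host in ind["hosts"]:
            hits.append((m.group("client"), url, "known dropper host"))
    return hits


# Constructed sample proxy lines, not real traffic.
SAMPLE_LOGS = [
    "2020-01-01T10:00:00Z 10.0.0.5 GET https://www.google.com/ 200",
    "2020-01-01T10:00:03Z 10.0.0.5 GET http://www.zhangboo.com/wp-admin/lwhcvV/ 200",
    "2020-01-01T10:00:04Z 10.0.0.5 GET http://www.zhangboo.com/wp-admin/other/ 404",
    "2020-01-01T10:00:05Z 10.0.0.9 GET https://apolina.pl/engl/1tuh6ul-gakf89-994/ 200",
    "garbage line that does not parse",
]

if __name__ == "__main__":
    pairs = parse_config(EXTRACTED_CONFIG)
    ind = iocs(pairs)
    for _, url in pairs:
        print(defang(url))
    for client, url, why in match_logs(SAMPLE_LOGS, ind):
        print(f"{client} {why}: {defang(url)}")
```

The fourth sample line deliberately reaches apolina.pl over https while the config lists http; the exact-URL indicator misses it and the host indicator catches it, which is why both are kept. Treat host hits as triage leads rather than verdicts: these are legitimate sites that were compromised, so a host match needs the follow-on behaviour (the child-process and System32 write signatures below) to confirm.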

Targets

    • Target

      VTDL32be68dafd336fa9425b3602fbb4e33e.danger

    • Size

      127KB

    • MD5

      32be68dafd336fa9425b3602fbb4e33e

    • SHA1

      540c16a8b5f5e8b68c684685e9219da14b629390

    • SHA256

      e6df008a724554e508765cdd7acbf90a55cdc4bfe216661536e10785de45edf4

    • SHA512

      e50e8d26f12312082451a1a13347adee54ff2d7786481f0d3eb592d5793377855e0e08c45d88055263d28a1a2baf94e6bf4cef6ae762a9a1714cc01316f2d9f1

    Score
    10/10
    • Process spawned unexpected child process

    • Drops file in System32 directory

MITRE ATT&CK Matrix (ATT&CK v6)

  • Discovery

    T1012  Query Registry  (2)
    T1082  System Information Discovery  (2)

Tasks