General

  • Target

    b166e4ee9068471930737b134039e8639f896c552cb388f2e972c00103b3e812

  • Size

    250KB

  • Sample

    200114-nb1z2ehr6a

  • MD5

    c9ccc0dfd753fb6dbaf5c80482221939

  • SHA1

    9bd1050f1e5fbb4fd39c63613c7b9012e1d657f0

  • SHA256

    b166e4ee9068471930737b134039e8639f896c552cb388f2e972c00103b3e812

  • SHA512

    3e4e90aeb026d187ca4a18133a990b84197ba77af7b136a4651478390417e6699febf51a62df12db638411b76f6e48d46cb6947e707e2da51de76d5b1798d08a

Score
10/10

Malware Config

Extracted

  • Language

    ps1

  • Source URLs (exe.dropper)

    http://farsmix.com/wp-admin/xpk881/

    http://thuong.bidiworks.com/wp-content/q2TO1988/

    https://securiteordi.com/wofk253jeksed/QO485/

    http://ziyinshedege.com/wp-content/TIGc/

    http://luilao.com/yakattack/EmXdYs3Rf/

Targets

    • Target

      b166e4ee9068471930737b134039e8639f896c552cb388f2e972c00103b3e812

    • Size

      250KB

    • MD5

      c9ccc0dfd753fb6dbaf5c80482221939

    • SHA1

      9bd1050f1e5fbb4fd39c63613c7b9012e1d657f0

    • SHA256

      b166e4ee9068471930737b134039e8639f896c552cb388f2e972c00103b3e812

    • SHA512

      3e4e90aeb026d187ca4a18133a990b84197ba77af7b136a4651478390417e6699febf51a62df12db638411b76f6e48d46cb6947e707e2da51de76d5b1798d08a

    • Score

      10/10

    • Signatures

      Process spawned unexpected child process

MITRE ATT&CK Matrix (ATT&CK v6)

  • Discovery

    T1012 Query Registry (2)

    T1082 System Information Discovery (2)

Tasks