Overview

overview

10

task1

 

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    05da5b0868b3b27c1bb2bb7694e1c05a7c99c16c8494ddf8b6d5a215b6d4cc93.doc

  • Size

    153KB

  • Sample

    200127-2ckktawe8j

  • MD5

    596bf581a9c21ae6fd0d12191eabb9aa

  • SHA1

    86feb92247544f26ac7be8afa900d6f614734665

  • SHA256

    05da5b0868b3b27c1bb2bb7694e1c05a7c99c16c8494ddf8b6d5a215b6d4cc93

  • SHA512

    f104ae27660b98771250a1f0d00affc7a768e3480f79fdc27b41d85c9b5d3a485da74d98b88acd2020eea760b6b4fbf21c38da56b2a860960046aafc0ac6970b

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

https://fietsenmetkinderen.info/App_Data/ASHFouI/
exe.dropper

https://rokonworld.xyz/cgi-bin/bf99ypv-nka70qs-62/
exe.dropper

http://www.meubelontwerpstudioheyne.nl/languages/ndZNarqnj/
exe.dropper

http://bursary.engsoc.queensu.ca/wp-admin/48ech-ddpjkzp-29821620/
exe.dropper

http://lapmangfpt.haiphong.vn/wp-admin/k50i2cm5qi-9wnfau-7879373385/

Targets

    • Target

      05da5b0868b3b27c1bb2bb7694e1c05a7c99c16c8494ddf8b6d5a215b6d4cc93.doc

    • Size

      153KB

    • MD5

      596bf581a9c21ae6fd0d12191eabb9aa

    • SHA1

      86feb92247544f26ac7be8afa900d6f614734665

    • SHA256

      05da5b0868b3b27c1bb2bb7694e1c05a7c99c16c8494ddf8b6d5a215b6d4cc93

    • SHA512

      f104ae27660b98771250a1f0d00affc7a768e3480f79fdc27b41d85c9b5d3a485da74d98b88acd2020eea760b6b4fbf21c38da56b2a860960046aafc0ac6970b

    Score
    10/10

    • Process spawned unexpected child process

    task1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks