Overview

overview

10

task1

 

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    13a7140437d12003adff9117931faf99a8bcf7e30ae96ce270cee12d27fe5d43.doc

  • Size

    151KB

  • Sample

    200127-4awc8j2enn

  • MD5

    b055f62c3488e2aa1b4d8f573f98a826

  • SHA1

    8594b4b7f9a8a29e968304829a65fbda5c966459

  • SHA256

    13a7140437d12003adff9117931faf99a8bcf7e30ae96ce270cee12d27fe5d43

  • SHA512

    349fac3d9bba3c0b16ae9b0e2187c2a0f23f50d8ff869c414761c885650eb3dab1b592936276b3d7fc487b8918a281a8890c7536ae8c64fb5531fe238b58d82c

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

https://delhisexclinic.com/zds/jUzItNFoNN/
exe.dropper

https://lelangg.online/uydlcvg/xoZAiAes/
exe.dropper

https://usispf.org/wp-admin/vjWaya/
exe.dropper

https://www.sexylady.space/wp-admin/JM/
exe.dropper

https://www.metropolnet.gr/cgi-bin/eP1hbutDbo/

Targets

    • Target

      13a7140437d12003adff9117931faf99a8bcf7e30ae96ce270cee12d27fe5d43.doc

    • Size

      151KB

    • MD5

      b055f62c3488e2aa1b4d8f573f98a826

    • SHA1

      8594b4b7f9a8a29e968304829a65fbda5c966459

    • SHA256

      13a7140437d12003adff9117931faf99a8bcf7e30ae96ce270cee12d27fe5d43

    • SHA512

      349fac3d9bba3c0b16ae9b0e2187c2a0f23f50d8ff869c414761c885650eb3dab1b592936276b3d7fc487b8918a281a8890c7536ae8c64fb5531fe238b58d82c

    Score
    10/10

    • Process spawned unexpected child process

    task1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks