Overview

overview

10

task1

 

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a9abe3bd2f178ac153d8c6a86fd982a82ccf8c409ff0abbc3fdf175d2c32fe64.doc

  • Size

    153KB

  • Sample

    200127-4kq1z46vwx

  • MD5

    8b9aec643d39e9ba234a63732e776b77

  • SHA1

    8218ec2db5c1c0518e92b5a0a7c0f039836c465f

  • SHA256

    a9abe3bd2f178ac153d8c6a86fd982a82ccf8c409ff0abbc3fdf175d2c32fe64

  • SHA512

    042735b22dbb829e77e7acc596e84933a3e92ce8b5dbf32f002855fdfd10acf7c10ba7ab04dc7253cb1ff50042bd323a37048c3dea34cb5857528bb196102009

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

https://fietsenmetkinderen.info/App_Data/ASHFouI/
exe.dropper

https://rokonworld.xyz/cgi-bin/bf99ypv-nka70qs-62/
exe.dropper

http://www.meubelontwerpstudioheyne.nl/languages/ndZNarqnj/
exe.dropper

http://bursary.engsoc.queensu.ca/wp-admin/48ech-ddpjkzp-29821620/
exe.dropper

http://lapmangfpt.haiphong.vn/wp-admin/k50i2cm5qi-9wnfau-7879373385/

Targets

    • Target

      a9abe3bd2f178ac153d8c6a86fd982a82ccf8c409ff0abbc3fdf175d2c32fe64.doc

    • Size

      153KB

    • MD5

      8b9aec643d39e9ba234a63732e776b77

    • SHA1

      8218ec2db5c1c0518e92b5a0a7c0f039836c465f

    • SHA256

      a9abe3bd2f178ac153d8c6a86fd982a82ccf8c409ff0abbc3fdf175d2c32fe64

    • SHA512

      042735b22dbb829e77e7acc596e84933a3e92ce8b5dbf32f002855fdfd10acf7c10ba7ab04dc7253cb1ff50042bd323a37048c3dea34cb5857528bb196102009

    Score
    10/10

    • Process spawned unexpected child process

    task1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks