Overview

overview

10

task1

 

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e103905b487abe624bdde83613da902187fa199b0846592cdde58c559d3c9e3e.doc

  • Size

    153KB

  • Sample

    200127-4xvzj1mn1e

  • MD5

    7f960c41f707d1ddac8a32184ffc63d9

  • SHA1

    55ebe0c46fca802b847aa49a9ec116d434fea057

  • SHA256

    e103905b487abe624bdde83613da902187fa199b0846592cdde58c559d3c9e3e

  • SHA512

    e95703f15beae6e11ea5f5834185f8985cdae70024bd29c78fded735885606343a8f9853ff2557ea541bcf348b15db718524aa863ad01cc0f440905e1ebdaf05

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

https://fietsenmetkinderen.info/App_Data/ASHFouI/
exe.dropper

https://rokonworld.xyz/cgi-bin/bf99ypv-nka70qs-62/
exe.dropper

http://www.meubelontwerpstudioheyne.nl/languages/ndZNarqnj/
exe.dropper

http://bursary.engsoc.queensu.ca/wp-admin/48ech-ddpjkzp-29821620/
exe.dropper

http://lapmangfpt.haiphong.vn/wp-admin/k50i2cm5qi-9wnfau-7879373385/

Targets

    • Target

      e103905b487abe624bdde83613da902187fa199b0846592cdde58c559d3c9e3e.doc

    • Size

      153KB

    • MD5

      7f960c41f707d1ddac8a32184ffc63d9

    • SHA1

      55ebe0c46fca802b847aa49a9ec116d434fea057

    • SHA256

      e103905b487abe624bdde83613da902187fa199b0846592cdde58c559d3c9e3e

    • SHA512

      e95703f15beae6e11ea5f5834185f8985cdae70024bd29c78fded735885606343a8f9853ff2557ea541bcf348b15db718524aa863ad01cc0f440905e1ebdaf05

    Score
    10/10

    • Process spawned unexpected child process

    task1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks