General

  • Target

    d1f92ce0919e743e10cb8f1653550a6c033095bd0aae796dabba2fbfa037ee64.doc

  • Size

    153KB

  • Sample

    200127-5jfer6glse

  • MD5

    5e65cd6602dec8465ff132eebc5b5573

  • SHA1

    6330362975b66f269e8b5b050387c9bee2148149

  • SHA256

    d1f92ce0919e743e10cb8f1653550a6c033095bd0aae796dabba2fbfa037ee64

  • SHA512

    0d0c69ab16cb2637ae3de3c92870d5900ff521bd2ce653a7ed418fda37490fa30344359f783e60cb0008deedf52f0231007aba962440d6cb074af132149546e6

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

http://covaihomes.com/cgi-bin/t3ln/

exe.dropper

http://saxseafood.com/wp-content/VHTlLciKX/

exe.dropper

https://zaamira.com/wp-admin/2sof7o/

exe.dropper

https://shopify-ed.apps.zeroek.com/dist/hxrf9/

exe.dropper

https://sophistproduction.com/wp-includes/Wijy9/

Targets

    Score
    10/10
    • Process spawned unexpected child process

    • Executes dropped EXE
