Overview

overview

10

task1

 

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0613667d25c4b43254f5df8d339b60349fb985b7d27c64abb221d06cd87258ba.doc

  • Size

    153KB

  • Sample

    200127-78nsbzs3dn

  • MD5

    6354d4594ab10923c000b5cb5eabcf9d

  • SHA1

    2099cafd361eb23873a93be1cc8e4a3f85e62be0

  • SHA256

    0613667d25c4b43254f5df8d339b60349fb985b7d27c64abb221d06cd87258ba

  • SHA512

    3a17c47ea675364a207cf4c5250912410b69cd70ddecbd9dab66739f20a5e386fc382bddb53dd0c978f8cad6eca86e9ff15cce70a820e255cae41aafc5a97eba

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

http://camnangtrithuc.com/wp-admin/rysO51/
exe.dropper

http://srgasia.com.my/wp-content/vmcG8715/
exe.dropper

https://www.amedspor.com.tr/trsss/2aCO1Gkwg/
exe.dropper

https://uklid.ir/cgi-bin/8v/
exe.dropper

https://bffanmiefan.tk/cgi-bin/wYvv84846/

Targets

    • Target

      0613667d25c4b43254f5df8d339b60349fb985b7d27c64abb221d06cd87258ba.doc

    • Size

      153KB

    • MD5

      6354d4594ab10923c000b5cb5eabcf9d

    • SHA1

      2099cafd361eb23873a93be1cc8e4a3f85e62be0

    • SHA256

      0613667d25c4b43254f5df8d339b60349fb985b7d27c64abb221d06cd87258ba

    • SHA512

      3a17c47ea675364a207cf4c5250912410b69cd70ddecbd9dab66739f20a5e386fc382bddb53dd0c978f8cad6eca86e9ff15cce70a820e255cae41aafc5a97eba

    Score
    10/10

    • Process spawned unexpected child process

    task1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks