Overview

overview

10

task1

 

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b8ec27ad3d1454dac95b1ddb62985859c71554353f6808d238a5e36a04c0dd12.doc

  • Size

    151KB

  • Sample

    200127-8m38m6ndca

  • MD5

    b3f34521ef50de9f48adf1989364fb66

  • SHA1

    8870517c1863e015b68bd5b4d53a3676832451ce

  • SHA256

    b8ec27ad3d1454dac95b1ddb62985859c71554353f6808d238a5e36a04c0dd12

  • SHA512

    1edec62190eaa132316be24a443f5ea7f7a409768274bda5941dd8786a4d603e2d2a00a899d1edd44e6f58bd7db0a7ab81ed8b6eac78da31dfa2c53e61317c16

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

https://delhisexclinic.com/zds/jUzItNFoNN/
exe.dropper

https://lelangg.online/uydlcvg/xoZAiAes/
exe.dropper

https://usispf.org/wp-admin/vjWaya/
exe.dropper

https://www.sexylady.space/wp-admin/JM/
exe.dropper

https://www.metropolnet.gr/cgi-bin/eP1hbutDbo/

Targets

    • Target

      b8ec27ad3d1454dac95b1ddb62985859c71554353f6808d238a5e36a04c0dd12.doc

    • Size

      151KB

    • MD5

      b3f34521ef50de9f48adf1989364fb66

    • SHA1

      8870517c1863e015b68bd5b4d53a3676832451ce

    • SHA256

      b8ec27ad3d1454dac95b1ddb62985859c71554353f6808d238a5e36a04c0dd12

    • SHA512

      1edec62190eaa132316be24a443f5ea7f7a409768274bda5941dd8786a4d603e2d2a00a899d1edd44e6f58bd7db0a7ab81ed8b6eac78da31dfa2c53e61317c16

    Score
    10/10

    • Process spawned unexpected child process

    task1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks