General

  • Target

    b2b035d2ebc582b4d07b6877a76b566b2852b497241ebc4b093aa79556349d3f.doc

  • Size

    152KB

  • Sample

    200127-a4vemyabnx

  • MD5

    105b65db3a5cce1f4fe87cf392af029a

  • SHA1

    e1884731f6f664b22a5a0d94423ce5cfc83e41f2

  • SHA256

    b2b035d2ebc582b4d07b6877a76b566b2852b497241ebc4b093aa79556349d3f

  • SHA512

    b83f942c12a334ad0e5abb478094a402d9d4064e1c016d6ba58da261a3beb929c32e5095500c6dfa8e4a739f40dce580c2ec82a3b62d092e009d7b64b110079c

Score
10/10

Malware Config

Extracted

  • Language

    ps1

  • Source

    URLs (type: exe.dropper)

    http://yochina.apps.zeroek.com/assets/GQK9Gly/
    http://www.bandarwinsbobet.com/wp-admin/7bw/
    http://test.pakspaservices.com/wp-content/Yi1j6O7/
    http://portal.meucompromisso.com/wp-admin/kQJ/
    https://wondersofgeorgia.com/wp-admin/jv7hvg/
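The exe.dropper URL list above turned into hunt-ready indicators, as an added example that is not part of the sandbox report. The five URLs are copied from the extracted config; everything else is an assumption for illustration: the proxy log lines, their field layout (timestamp, source IP, method, URL, status) and the choice to match on host as well as on the exact URL, so that a request to a listed host on a different path is still surfaced for review.

```python
from urllib.parse import urlsplit

# exe.dropper URLs copied from the extracted PowerShell config above.
DROPPER_URLS = [
    "http://yochina.apps.zeroek.com/assets/GQK9Gly/",
    "http://www.bandarwinsbobet.com/wp-admin/7bw/",
    "http://test.pakspaservices.com/wp-content/Yi1j6O7/",
    "http://portal.meucompromisso.com/wp-admin/kQJ/",
    "https://wondersofgeorgia.com/wp-admin/jv7hvg/",
]


def indicators(urls):
    """Split each URL into a lower-cased (host, path) pair for matching."""
    pairs = []
    for url in urls:
        parts = urlsplit(url)
        pairs.append(((parts.hostname or "").lower(), parts.path))
    return pairs


def defang(url):
    """Make a URL non-clickable (hxxp, [.]) before pasting it into a ticket or chat."""
    url = url.replace("https://", "hxxps://").replace("http://", "hxxp://")
    return url.replace(".", "[.]")


def hunt(log_lines, urls):
    """Return proxy log lines that reached a dropper host.

    Log format is an assumption for this example: "<ts> <src_ip> <method> <url> <status>".
    Each hit records whether the full path matched as well; a host-only match
    is still worth a look, since one compromised site may serve several paths.
    """
    known_hosts = {host for host, _ in indicators(urls)}
    known_pairs = set(indicators(urls))
    hits = []
    for line in log_lines:
        fields = line.split()
        if len(fields) < 5:
            continue  # malformed line: skip it rather than abort the hunt
        ts, src_ip, _method, url, _status = fields[:5]
        parts = urlsplit(url)
        host = (parts.hostname or "").lower()
        if host in known_hosts:
            hits.append({
                "ts": ts,
                "src_ip": src_ip,
                "host": host,
                "exact_path": (host, parts.path) in known_pairs,
            })
    return hits


# Constructed proxy log lines (not from the report): one exact dropper URL,
# one benign request, one request to a dropper host on a different path.
SAMPLE_PROXY_LOG = [
    "2020-01-27T10:02:11Z 10.0.0.15 GET http://www.bandarwinsbobet.com/wp-admin/7bw/ 200",
    "2020-01-27T10:03:40Z 10.0.0.22 GET https://example.com/index.html 200",
    "2020-01-27T10:05:02Z 10.0.0.31 GET http://test.pakspaservices.com/wp-content/other/ 404",
]

if __name__ == "__main__":
    for url in DROPPER_URLS:
        print(defang(url))
    for hit in hunt(SAMPLE_PROXY_LOG, DROPPER_URLS):
        print(hit)
```

Host-level matching is deliberate: all five locations are paths under what look like ordinary web sites, so blocking or hunting on the host catches later path changes on the same site, while the exact_path flag separates confirmed downloads from requests that merely deserve a second look.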

Targets

    • Target

      b2b035d2ebc582b4d07b6877a76b566b2852b497241ebc4b093aa79556349d3f.doc

    Score
    10/10
    • Process spawned unexpected child process
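The behavioural signature above expressed as detection logic, in an added example that is not part of the sandbox report. The report does not name the spawned child; because the extracted config is PowerShell (ps1) delivered from a .doc, the example assumes the usual Office-application-to-script-host pattern and flags any child of an Office process that is not on a small allowlist. The event records, their field names, the allowlist and the severity split are all constructed assumptions, loosely modelled on Sysmon Event ID 1 fields.

```python
# Parent processes whose children are worth scrutinising (assumption).
OFFICE_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
# Children an Office app may legitimately start; assumption, tune per environment.
ALLOWED_CHILDREN = {"splwow64.exe", "werfault.exe", "msosync.exe"}
# Script hosts and LOLBins that make a hit high-confidence (assumption).
HIGH_CONFIDENCE = {"powershell.exe", "pwsh.exe", "cmd.exe", "wscript.exe",
                   "cscript.exe", "mshta.exe", "rundll32.exe", "regsvr32.exe",
                   "certutil.exe"}


def image_name(path):
    """Lower-cased file name from a Windows or POSIX path."""
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()


def unexpected_children(events):
    """Return the events where an Office parent starts a non-allowlisted child.

    Each event is a dict with 'parent_image', 'image' and 'command_line'
    (constructed field names, loosely after Sysmon Event ID 1).
    """
    hits = []
    for ev in events:
        parent = image_name(ev["parent_image"])
        child = image_name(ev["image"])
        if parent not in OFFICE_PARENTS or child in ALLOWED_CHILDREN:
            continue
        hits.append({
            "parent": parent,
            "child": child,
            "severity": "high" if child in HIGH_CONFIDENCE else "medium",
            "command_line": ev.get("command_line", ""),
        })
    return hits


# Constructed events (not from the report): a Word-spawned PowerShell,
# a benign print-spooler helper, and an unrelated cmd.exe started by Explorer.
SAMPLE_EVENTS = [
    {"parent_image": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "command_line": "powershell.exe -w hidden"},  # constructed; real arguments omitted
    {"parent_image": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
     "image": r"C:\Windows\splwow64.exe",
     "command_line": "splwow64.exe"},
    {"parent_image": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\cmd.exe",
     "command_line": "cmd.exe"},
]

if __name__ == "__main__":
    for hit in unexpected_children(SAMPLE_EVENTS):
        print(hit)
```

The rule keys on the parent rather than on a particular child because the signature itself only says the child was unexpected: a medium-severity hit for an unknown child still merits review, and the allowlist should be built from a baseline of the environment's own Office process trees rather than copied from this example.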

MITRE ATT&CK Matrix (ATT&CK v6)

  • Discovery

    Query Registry (T1012): 2

    System Information Discovery (T1082): 2