General

  • Target

    7d53754eafc84f9c7ae7e8b159cbbee1778abc5de18e430762a5cad438e5c85f.doc

  • Size

    152KB

  • Sample

    200127-c2d2m1jaka

  • MD5

    36855008ecb95d6d0e3491dd928a33e1

  • SHA1

    17a46c6853b69e9cd346b289b7d57af14d07cdee

  • SHA256

    7d53754eafc84f9c7ae7e8b159cbbee1778abc5de18e430762a5cad438e5c85f

  • SHA512

    68f89ae9e519a631be5e0020610a56122c02bf6e11c35b330dbc7e8060fc310a409bf4610ea912be13374a8757cecd5a822aecf66f6ff8260e73d19b763e8942

Score
10/10

Malware Config

Extracted

Language: ps1
Source:
URLs:

  • exe.dropper  http://yochina.apps.zeroek.com/assets/GQK9Gly/
  • exe.dropper  http://www.bandarwinsbobet.com/wp-admin/7bw/
  • exe.dropper  http://test.pakspaservices.com/wp-content/Yi1j6O7/
  • exe.dropper  http://portal.meucompromisso.com/wp-admin/kQJ/
  • exe.dropper  https://wondersofgeorgia.com/wp-admin/jv7hvg/

Targets

    • Target

      7d53754eafc84f9c7ae7e8b159cbbee1778abc5de18e430762a5cad438e5c85f.doc

    • Process spawned unexpected child process

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

  • Query Registry  2  T1012
  • System Information Discovery  2  T1082

Tasks