Overview

overview

10

task1

 

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2eedebd36b128efa4146b53378dc614643e4bc9ab2355f1053c2da1e689915f4.doc

  • Size

    153KB

  • Sample

    200127-dwzvwc7xk2

  • MD5

    c4285906a65821f97aa813dbf24a25c0

  • SHA1

    fa9750ae0aa14b4db60dfe06fcb2a1cd0d02b268

  • SHA256

    2eedebd36b128efa4146b53378dc614643e4bc9ab2355f1053c2da1e689915f4

  • SHA512

    7ca24701c3dcfd28437d9d869fa9d844a4e57ae5b894f0d73d28f0dc937832aa15a260a73b0c6e723f02afe4546cb2b244440d9d14908db4fee301fb37cf56c5

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

https://fietsenmetkinderen.info/App_Data/ASHFouI/
exe.dropper

https://rokonworld.xyz/cgi-bin/bf99ypv-nka70qs-62/
exe.dropper

http://www.meubelontwerpstudioheyne.nl/languages/ndZNarqnj/
exe.dropper

http://bursary.engsoc.queensu.ca/wp-admin/48ech-ddpjkzp-29821620/
exe.dropper

http://lapmangfpt.haiphong.vn/wp-admin/k50i2cm5qi-9wnfau-7879373385/

Targets

    • Target

      2eedebd36b128efa4146b53378dc614643e4bc9ab2355f1053c2da1e689915f4.doc

    • Size

      153KB

    • MD5

      c4285906a65821f97aa813dbf24a25c0

    • SHA1

      fa9750ae0aa14b4db60dfe06fcb2a1cd0d02b268

    • SHA256

      2eedebd36b128efa4146b53378dc614643e4bc9ab2355f1053c2da1e689915f4

    • SHA512

      7ca24701c3dcfd28437d9d869fa9d844a4e57ae5b894f0d73d28f0dc937832aa15a260a73b0c6e723f02afe4546cb2b244440d9d14908db4fee301fb37cf56c5

    Score
    10/10

    • Process spawned unexpected child process

    task1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks