Overview

overview

10

task1

 

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    dfe41aec43015453f7b83b9b2a711bd69c49e12171842c5cb1ee6c9e99cbf068.doc

  • Size

    153KB

  • Sample

    200127-fhyrktdane

  • MD5

    a1520a0beb5056281bdec7c3058b052f

  • SHA1

    7dbddb4a98a66a20e79f1df3634530438c52228f

  • SHA256

    dfe41aec43015453f7b83b9b2a711bd69c49e12171842c5cb1ee6c9e99cbf068

  • SHA512

    91000eff92b6d4aba9f7ce0fcf416a8090a5baff05092dc7298ad10684d3e259c106be25d2c98fbc6226faee073ac3916854dd457adb079ab7c57a112370f55a

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

https://fietsenmetkinderen.info/App_Data/ASHFouI/
exe.dropper

https://rokonworld.xyz/cgi-bin/bf99ypv-nka70qs-62/
exe.dropper

http://www.meubelontwerpstudioheyne.nl/languages/ndZNarqnj/
exe.dropper

http://bursary.engsoc.queensu.ca/wp-admin/48ech-ddpjkzp-29821620/
exe.dropper

http://lapmangfpt.haiphong.vn/wp-admin/k50i2cm5qi-9wnfau-7879373385/

Targets

    • Target

      dfe41aec43015453f7b83b9b2a711bd69c49e12171842c5cb1ee6c9e99cbf068.doc

    • Size

      153KB

    • MD5

      a1520a0beb5056281bdec7c3058b052f

    • SHA1

      7dbddb4a98a66a20e79f1df3634530438c52228f

    • SHA256

      dfe41aec43015453f7b83b9b2a711bd69c49e12171842c5cb1ee6c9e99cbf068

    • SHA512

      91000eff92b6d4aba9f7ce0fcf416a8090a5baff05092dc7298ad10684d3e259c106be25d2c98fbc6226faee073ac3916854dd457adb079ab7c57a112370f55a

    Score
    10/10

    • Process spawned unexpected child process

    task1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks