Overview

overview

10

task1

 

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    172d3ac75b06639fc26efecdf159fd4b7ca053db10b55d404550ab9e2b3da819.doc

  • Size

    153KB

  • Sample

    200127-frtevxfsf6

  • MD5

    b3bf7b308be7b54988940046cf49df1c

  • SHA1

    b11fe0b5e53d9ca21d2f1f8813ba0a67d5af1f87

  • SHA256

    172d3ac75b06639fc26efecdf159fd4b7ca053db10b55d404550ab9e2b3da819

  • SHA512

    0b6df0389921434cf3edf2028cce4d10241e76bd8de77a8bf9ec0f9b4e6c0714d5404fd63009df7aedd80c5e9fc1897c9b5c4ba73d3d5508006a823dd3c8feba

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

https://fietsenmetkinderen.info/App_Data/ASHFouI/
exe.dropper

https://rokonworld.xyz/cgi-bin/bf99ypv-nka70qs-62/
exe.dropper

http://www.meubelontwerpstudioheyne.nl/languages/ndZNarqnj/
exe.dropper

http://bursary.engsoc.queensu.ca/wp-admin/48ech-ddpjkzp-29821620/
exe.dropper

http://lapmangfpt.haiphong.vn/wp-admin/k50i2cm5qi-9wnfau-7879373385/

Targets

    • Target

      172d3ac75b06639fc26efecdf159fd4b7ca053db10b55d404550ab9e2b3da819.doc

    • Size

      153KB

    • MD5

      b3bf7b308be7b54988940046cf49df1c

    • SHA1

      b11fe0b5e53d9ca21d2f1f8813ba0a67d5af1f87

    • SHA256

      172d3ac75b06639fc26efecdf159fd4b7ca053db10b55d404550ab9e2b3da819

    • SHA512

      0b6df0389921434cf3edf2028cce4d10241e76bd8de77a8bf9ec0f9b4e6c0714d5404fd63009df7aedd80c5e9fc1897c9b5c4ba73d3d5508006a823dd3c8feba

    Score
    10/10

    • Process spawned unexpected child process

    task1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks