Overview

overview

10

task1

 

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5df4b5807ab23563073ea90b98f6c82fbf6389776d342de185f2ddfdde70645f.doc

  • Size

    151KB

  • Sample

    200127-gccc6t133e

  • MD5

    c349a8aa71fca1a083fd4d6ad6c8fcff

  • SHA1

    e4f71b2ab9487b785b3534bb6161a7e182496594

  • SHA256

    5df4b5807ab23563073ea90b98f6c82fbf6389776d342de185f2ddfdde70645f

  • SHA512

    b908a111677da501772b92e7960bdec34aa17fb07c0b70190685e1feaeff07f36ea1aeed0e20813b06663d6c505114009e52b627e804f21db5f152436f64fb6f

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

https://delhisexclinic.com/zds/jUzItNFoNN/
exe.dropper

https://lelangg.online/uydlcvg/xoZAiAes/
exe.dropper

https://usispf.org/wp-admin/vjWaya/
exe.dropper

https://www.sexylady.space/wp-admin/JM/
exe.dropper

https://www.metropolnet.gr/cgi-bin/eP1hbutDbo/

Targets

    • Target

      5df4b5807ab23563073ea90b98f6c82fbf6389776d342de185f2ddfdde70645f.doc

    • Size

      151KB

    • MD5

      c349a8aa71fca1a083fd4d6ad6c8fcff

    • SHA1

      e4f71b2ab9487b785b3534bb6161a7e182496594

    • SHA256

      5df4b5807ab23563073ea90b98f6c82fbf6389776d342de185f2ddfdde70645f

    • SHA512

      b908a111677da501772b92e7960bdec34aa17fb07c0b70190685e1feaeff07f36ea1aeed0e20813b06663d6c505114009e52b627e804f21db5f152436f64fb6f

    Score
    10/10

    • Process spawned unexpected child process

    task1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks