General

  • Target

    31e73ff6abe1f6d27da36fc9935e2c32a30d988b94d302f0132915ec0d415af3.doc

  • Size

    151KB

  • Sample

    200127-gghr8ld3lj

  • MD5

    5ca6f11d8245787b0a8ca9aa2b02d523

  • SHA1

    5b45357162eebc6e2c48c3f179f17e372b0d9b87

  • SHA256

    31e73ff6abe1f6d27da36fc9935e2c32a30d988b94d302f0132915ec0d415af3

  • SHA512

    02503a88840bf2e4ad19f5a526e639d32b990a8c8e6eb55e1172f60ed61a7ab65b49d4e73f3dda8ee690c3eee52ea75e8c125d6988dfe9e57400a15cb5a9c263

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

https://delhisexclinic.com/zds/jUzItNFoNN/

exe.dropper

https://lelangg.online/uydlcvg/xoZAiAes/

exe.dropper

https://usispf.org/wp-admin/vjWaya/

exe.dropper

https://www.sexylady.space/wp-admin/JM/

exe.dropper

https://www.metropolnet.gr/cgi-bin/eP1hbutDbo/

Targets

    • Target

      31e73ff6abe1f6d27da36fc9935e2c32a30d988b94d302f0132915ec0d415af3.doc

    • Process spawned unexpected child process

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082
