General

  • Target

    3ce434fb508f0e08b53b1df9a17fb14a2463b0ff00c1bb0422db75d2856d35b7.doc

  • Size

    152KB

  • Sample

    200127-hy3nbyxn9x

  • MD5

    2e9d795d3ebef47bb21d126c2e2ebf6b

  • SHA1

    cffde205908f1e0f1c0790f204bf2267ce51a144

  • SHA256

    3ce434fb508f0e08b53b1df9a17fb14a2463b0ff00c1bb0422db75d2856d35b7

  • SHA512

    74b7f67493a644d8c743796d9fb5b9c7ff9ab4aa996281d2ab71f036e276c3e26764a4672d275e7be5ff6676871a31d09533076a22cda1fac83871f2fed69943

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

http://yochina.apps.zeroek.com/assets/GQK9Gly/

exe.dropper

http://www.bandarwinsbobet.com/wp-admin/7bw/

exe.dropper

http://test.pakspaservices.com/wp-content/Yi1j6O7/

exe.dropper

http://portal.meucompromisso.com/wp-admin/kQJ/

exe.dropper

https://wondersofgeorgia.com/wp-admin/jv7hvg/

Targets

    • Target

      3ce434fb508f0e08b53b1df9a17fb14a2463b0ff00c1bb0422db75d2856d35b7.doc

    Score
    10/10
    • Process spawned unexpected child process

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

  • Query Registry

    2
    T1012

  • System Information Discovery

    2
    T1082

Tasks