General

  • Target

    93ac1a686cd0ce579893e042ecb57904d9ae66bad73466d669ad3e2859c1f628.doc

  • Size

    151KB

  • Sample

    200127-ktxlm59sln

  • MD5

    a8c523bc1ed52afa35e8b76bd7e9b6a4

  • SHA1

    0e65ed810357f5643d5b2e7cb8c0320266020157

  • SHA256

    93ac1a686cd0ce579893e042ecb57904d9ae66bad73466d669ad3e2859c1f628

  • SHA512

    6ba6f8bc9ac5ed83529d14c71bf2539b6ff133b7989e447ee9a4652b4c9179d413d1643c267941b03e6b539f6f26456876799c83ebf7d298d129b138361487ee

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs

Targets

    • Target

      93ac1a686cd0ce579893e042ecb57904d9ae66bad73466d669ad3e2859c1f628.doc

    Score
    10/10
    • Process spawned unexpected child process

MITRE ATT&CK Matrix ATT&CK v6

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Tasks