Overview

overview

10

task1

 

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    736af1e00c4672ae96faeec89a621681b0b0ee333462a76e3734d1d1024d234a.doc

  • Size

    153KB

  • Sample

    200127-njk548g1hs

  • MD5

    ceff4b7a207f809630866d3f780358e3

  • SHA1

    50c24922a873ad9e6cbb380a33bc4ee396052c0e

  • SHA256

    736af1e00c4672ae96faeec89a621681b0b0ee333462a76e3734d1d1024d234a

  • SHA512

    06daf1874ec785ffc666a73e33ec0c843625484284e759b56833028065b7ada98c6e85a3e122bc3d83e5cc00b9026e1ef14d143fc306ff0f753fc35e17950131

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

https://fietsenmetkinderen.info/App_Data/ASHFouI/
exe.dropper

https://rokonworld.xyz/cgi-bin/bf99ypv-nka70qs-62/
exe.dropper

http://www.meubelontwerpstudioheyne.nl/languages/ndZNarqnj/
exe.dropper

http://bursary.engsoc.queensu.ca/wp-admin/48ech-ddpjkzp-29821620/
exe.dropper

http://lapmangfpt.haiphong.vn/wp-admin/k50i2cm5qi-9wnfau-7879373385/

Targets

    • Target

      736af1e00c4672ae96faeec89a621681b0b0ee333462a76e3734d1d1024d234a.doc

    • Size

      153KB

    • MD5

      ceff4b7a207f809630866d3f780358e3

    • SHA1

      50c24922a873ad9e6cbb380a33bc4ee396052c0e

    • SHA256

      736af1e00c4672ae96faeec89a621681b0b0ee333462a76e3734d1d1024d234a

    • SHA512

      06daf1874ec785ffc666a73e33ec0c843625484284e759b56833028065b7ada98c6e85a3e122bc3d83e5cc00b9026e1ef14d143fc306ff0f753fc35e17950131

    Score
    10/10

    • Process spawned unexpected child process

    task1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks