General

  • Target

    cbc1ce12017def9503760118b324f4e1dbb168dfaea51c294122635c957b2d8d.doc

  • Size

    151KB

  • Sample

    200127-s1eg1rhtw6

  • MD5

    17e66525e231fde623a3453c8d33a06c

  • SHA1

    e1c10d39aa8f292e88b36b53488ead69b7dbe36a

  • SHA256

    cbc1ce12017def9503760118b324f4e1dbb168dfaea51c294122635c957b2d8d

  • SHA512

    594620eb0f1977bb384c26a5b3f7f7532e6bcd0268d7cb8d109667ea7713b14122c079847758464dd9235f7eb8052e45428b0c1ef78075d7a1ae6d84ce9e9a53

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

https://delhisexclinic.com/zds/jUzItNFoNN/

exe.dropper

https://lelangg.online/uydlcvg/xoZAiAes/

exe.dropper

https://usispf.org/wp-admin/vjWaya/

exe.dropper

https://www.sexylady.space/wp-admin/JM/

exe.dropper

https://www.metropolnet.gr/cgi-bin/eP1hbutDbo/

Targets

    Score
    10/10
    • Process spawned unexpected child process

MITRE ATT&CK Matrix ATT&CK v6

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Tasks