Overview

overview

10

task1

 

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    56ae5021b650056ffd8421e9a07abe669559c1bb3c6e15c6cd63af299c88e4ca.doc

  • Size

    153KB

  • Sample

    200127-v8s1wh936x

  • MD5

    d690ede0135519bfb3e125cf74f343dc

  • SHA1

    23897be06887870555ce8870eed5794b2998bd5e

  • SHA256

    56ae5021b650056ffd8421e9a07abe669559c1bb3c6e15c6cd63af299c88e4ca

  • SHA512

    80fd096b7fa78341c05ccdaf9a5e34496130508b5a7f95b8c6c1e04db20249744ff993d6d5626b45abfc7d42af0842aeadb5c4ea517905fc7ae1eea81f61dbff

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

https://fietsenmetkinderen.info/App_Data/ASHFouI/
exe.dropper

https://rokonworld.xyz/cgi-bin/bf99ypv-nka70qs-62/
exe.dropper

http://www.meubelontwerpstudioheyne.nl/languages/ndZNarqnj/
exe.dropper

http://bursary.engsoc.queensu.ca/wp-admin/48ech-ddpjkzp-29821620/
exe.dropper

http://lapmangfpt.haiphong.vn/wp-admin/k50i2cm5qi-9wnfau-7879373385/

Targets

    • Target

      56ae5021b650056ffd8421e9a07abe669559c1bb3c6e15c6cd63af299c88e4ca.doc

    • Size

      153KB

    • MD5

      d690ede0135519bfb3e125cf74f343dc

    • SHA1

      23897be06887870555ce8870eed5794b2998bd5e

    • SHA256

      56ae5021b650056ffd8421e9a07abe669559c1bb3c6e15c6cd63af299c88e4ca

    • SHA512

      80fd096b7fa78341c05ccdaf9a5e34496130508b5a7f95b8c6c1e04db20249744ff993d6d5626b45abfc7d42af0842aeadb5c4ea517905fc7ae1eea81f61dbff

    Score
    10/10

    • Process spawned unexpected child process

    task1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks