General

  • Target

    0678aeb7dfd6787a614976c43ae419a763792ed62f99ae6429402cf22b7876b1.doc

  • Size

    153KB

  • Sample

    200127-wxmnk57b32

  • MD5

    a396f4b41ea56ebc7250cbd821b0f1c0

  • SHA1

    0e37fe6621d922b8a33508c68938123dfe4b23c5

  • SHA256

    0678aeb7dfd6787a614976c43ae419a763792ed62f99ae6429402cf22b7876b1

  • SHA512

    d5020c9a0a5f550c84d8a1ab5af22d870a4b5c6e710640dc2dc3d37aebecb3d366467d6ede6e1641d5fe814d43059f43ff372d49e8ac80cb4569b87539cac7e8

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs
  • exe.dropper: https://fietsenmetkinderen.info/App_Data/ASHFouI/
  • exe.dropper: https://rokonworld.xyz/cgi-bin/bf99ypv-nka70qs-62/
  • exe.dropper: http://www.meubelontwerpstudioheyne.nl/languages/ndZNarqnj/
  • exe.dropper: http://bursary.engsoc.queensu.ca/wp-admin/48ech-ddpjkzp-29821620/
  • exe.dropper: http://lapmangfpt.haiphong.vn/wp-admin/k50i2cm5qi-9wnfau-7879373385/

Targets

    • Target

      0678aeb7dfd6787a614976c43ae419a763792ed62f99ae6429402cf22b7876b1.doc

    • Process spawned unexpected child process

MITRE ATT&CK Matrix ATT&CK v6

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082
