General

  • Target

    105d24ebb512c02c992f5b330459830f12ece2b54011cd65914e673f0617c8c7.doc

  • Size

    151KB

  • Sample

    200127-y7zxhjxvse

  • MD5

    f7659b5e0b6adc1af41005612f2ca03e

  • SHA1

    7ffbe5cfaa40d96a38e9cff3f08e6650b6821645

  • SHA256

    105d24ebb512c02c992f5b330459830f12ece2b54011cd65914e673f0617c8c7

  • SHA512

    c54a61865d2b4d39c0adb3d19a8a336772b72c2c708136bd895c1ecd83a24804f1bc02cc1b598745f38b7e7bec48e147be1ed01715cb5b8d6c7852d067bb69fa

Score
10/10

Malware Config

Extracted

Language: ps1
Source
URLs

  • exe.dropper: https://delhisexclinic.com/zds/jUzItNFoNN/

  • exe.dropper: https://lelangg.online/uydlcvg/xoZAiAes/

  • exe.dropper: https://usispf.org/wp-admin/vjWaya/

  • exe.dropper: https://www.sexylady.space/wp-admin/JM/

  • exe.dropper: https://www.metropolnet.gr/cgi-bin/eP1hbutDbo/

Targets

    • Target

      105d24ebb512c02c992f5b330459830f12ece2b54011cd65914e673f0617c8c7.doc

    • Process spawned unexpected child process

MITRE ATT&CK Matrix ATT&CK v6

Discovery

  • Query Registry: 2 (T1012)

  • System Information Discovery: 2 (T1082)

Tasks