General

  • Target

    1e632dc1bd809dd30bbfb005f230876d431e7c7ae51ce032801dc741ce520506.doc

  • Size

    153KB

  • Sample

    200127-yvrnfrte6a

  • MD5

    6cc6086a6c01207493a4bec62beeabf6

  • SHA1

    d185b507bb7c7314fbc194157a3f56219cf544bb

  • SHA256

    1e632dc1bd809dd30bbfb005f230876d431e7c7ae51ce032801dc741ce520506

  • SHA512

    c7f514286285a40b674d76d4d2aa72946eadccc2ac73f72857d5e11a6c85730d015ae9813ca1e8892b8598978c560af06f96fcfc433630d4e2dbe2529e9662d5

Score
10/10

Malware Config

Extracted

  • Language

    ps1

  • Source

  • URLs

    exe.dropper: http://covaihomes.com/cgi-bin/t3ln/

    exe.dropper: http://saxseafood.com/wp-content/VHTlLciKX/

    exe.dropper: https://zaamira.com/wp-admin/2sof7o/

    exe.dropper: https://shopify-ed.apps.zeroek.com/dist/hxrf9/

    exe.dropper: https://sophistproduction.com/wp-includes/Wijy9/

Targets

    • Target

      1e632dc1bd809dd30bbfb005f230876d431e7c7ae51ce032801dc741ce520506.doc

    Score
    10/10
    • Process spawned unexpected child process
