General

  • Target

    6693191e815936649ff1e4f45cd699a6b67843510e43858952d632be256b3185.doc

  • Size

    153KB

  • Sample

    200128-f65g2jk6kx

  • MD5

    5be3b3f9a0d19abb923af2dbca508bf2

  • SHA1

    fe7407568f4608cffd191ca6a658afdf892db3e4

  • SHA256

    6693191e815936649ff1e4f45cd699a6b67843510e43858952d632be256b3185

  • SHA512

    791fd969044b236626e5a6c3d2887d37c2cad0f1b8d3a522d0d6cf1ebb2102c481262545b268919b50e85d1d1d7de15a0942e60e1ce525fc7e6d6a9f22400ad7

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs

Targets

    • Target

      6693191e815936649ff1e4f45cd699a6b67843510e43858952d632be256b3185.doc

    Score
    10/10
    • Process spawned unexpected child process
