Overview

overview

10

task1

 

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0b5f556c8d92261fdf0686c7641266d79c306b855ebe9894572d32667f59c9c2.doc

  • Size

    132KB

  • Sample

    200129-dk6c6gjavn

  • MD5

    b7086f6ea50435b84a09ce147a4dd538

  • SHA1

    a0ed7adb0003efe0afa37a64e13a037c9b69c68d

  • SHA256

    0b5f556c8d92261fdf0686c7641266d79c306b855ebe9894572d32667f59c9c2

  • SHA512

    b4befc289f49c5d095d6b0008e37280f0c0dd9c858f6373ea4cc7126497760922948f804896dbac569922b1fdf5851e62fc8107c2f323bb9c6408e6676fdc10c

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

http://blinkro.eu/wp-content/hMDRkCt/
exe.dropper

http://blasmontavez.com/wp-includes/ep0/
exe.dropper

http://luxuryflower.net/wp-content/cgNoUgY/
exe.dropper

http://gostareh.org/old/f7tSe81/
exe.dropper

http://hindwalkerphoto.com/wp-content/v1d8mo/

Targets

    • Target

      0b5f556c8d92261fdf0686c7641266d79c306b855ebe9894572d32667f59c9c2.doc

    • Size

      132KB

    • MD5

      b7086f6ea50435b84a09ce147a4dd538

    • SHA1

      a0ed7adb0003efe0afa37a64e13a037c9b69c68d

    • SHA256

      0b5f556c8d92261fdf0686c7641266d79c306b855ebe9894572d32667f59c9c2

    • SHA512

      b4befc289f49c5d095d6b0008e37280f0c0dd9c858f6373ea4cc7126497760922948f804896dbac569922b1fdf5851e62fc8107c2f323bb9c6408e6676fdc10c

    Score
    10/10

    • Process spawned unexpected child process

    task1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks