General

  • Target

    3b462b9a1e59ff9c79bc1be87dbea02822415c3a0ddfecce296b4257269cad5e.doc

  • Size

    126KB

  • Sample

    200204-2vbpsamrx2

  • MD5

    d7b0397888a82aeace188e29ea2a361a

  • SHA1

    2ae356aeca1036e1cc3204dc3468b04e53a05483

  • SHA256

    3b462b9a1e59ff9c79bc1be87dbea02822415c3a0ddfecce296b4257269cad5e

  • SHA512

    110ba15663bab6d014f7dafa2c38c9beadd343f4b1691de7303e70b2c48a489988e80248e1d5b7b27c28ff669793a774c6c8b3d90f013efda91debfde66e6534

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

http://crimecitynews.com/wp-includes/DeHZs1/

exe.dropper

http://clicksbyayush.com/wp-content/T721/

exe.dropper

https://www.hgklighting.com/dacecb0fcd2bc6cbe09ed1527e527b37/pwdSS610g/

exe.dropper

http://cheapwebvn.net/wp-content/cache/uZLPqwbGic/

exe.dropper

http://sundevilstudentwork.com/wp-content/N4h2nKXI/

Targets

    Score
    10/10
    • Process spawned unexpected child process

    • Blacklisted process makes network request

    • Executes dropped EXE

    • Drops file in System32 directory
