General

  • Target

    44522edda696ecf4d177282d77a1463aa7e32d38264a469db5f62b3caa378fff.doc

  • Size

    265KB

  • Sample

    200206-kwpaymjsh6

  • MD5

    30aea7a24e5dfa30fff3afae01e9a442

  • SHA1

    62a9f7a952460cce334b7e9ee6f5dbcb1dec77d2

  • SHA256

    44522edda696ecf4d177282d77a1463aa7e32d38264a469db5f62b3caa378fff

  • SHA512

    3187a80844abb2305fe313b239a41606a05d44afca5b9f1463c677f9fc82f51e592cd7dbe4d9de7fc1bd7fb9d498b4e1c8d11e38cbd50ac3e0603464260f1da7

Score
10/10

Malware Config

Extracted

  • Language

    ps1

  • Source

  • URLs

    exe.dropper  http://supcargo.com/Login/K/
    exe.dropper  http://sunucuo.com/wp-admin/0V0e/
    exe.dropper  http://sweetestshop.ca/wp/3ca5oq/
    exe.dropper  http://subhedarmarketing.com/2/7gtTEM8/
    exe.dropper  http://takharandshankertour.com/wp-includes/IXR/2/

Targets

    • Target

      44522edda696ecf4d177282d77a1463aa7e32d38264a469db5f62b3caa378fff.doc

    Score
    10/10
    • Process spawned unexpected child process

    • Drops file in System32 directory
