General
-
Target
a0efff2f5ffc7af058f2cc3d6f0af29034b25dbbbee97b19d273009869b3220f.doc
-
Size
265KB
-
Sample
200207-jqt8gllgtn
-
MD5
d47a3565950f8b29b7bc35ce606e3c63
-
SHA1
3f2c908a7c6847b9d781beae1128ada5ca3410da
-
SHA256
a0efff2f5ffc7af058f2cc3d6f0af29034b25dbbbee97b19d273009869b3220f
-
SHA512
1386b01e42a4a829e14b9dcf58ff5662bc93c0b7a05f447c2719bb52bb9b045b8e22ed2784aa4b568fe77b848644e1d7612dd75555d234eef7abdb47d6c5a7c1
Malware Config
Extracted
Targets
-
-
Target
a0efff2f5ffc7af058f2cc3d6f0af29034b25dbbbee97b19d273009869b3220f.doc
-
Process spawned unexpected child process
-
Blacklisted process makes network request
-
Executes dropped EXE
-
Drops file in System32 directory
-