General

  • Target

    SecuriteInfo.com.DOC.Kryptik.Q.17206

  • Size

    297KB

  • Sample

    200713-pbxzl4zaqn

  • MD5

    62e26facf7fccf4cd98fb2d8064bbda4

  • SHA1

    6ca90193994b32e20f014b773e984be29cdb415f

  • SHA256

    027e355c782feb5a0feec8d6fe004073e0d2f7d0d146fb81c3439f81e09d5aed

  • SHA512

    aa7f178103bec3e3e2b8091e5a35fc00d68eb5809460fd7a785a1bddf0289d23ed603d82487e543df4a0e1435348f497f537e069574416f87b0416e5c208b4f6

Score
10/10

Targets

    • Target

      SecuriteInfo.com.DOC.Kryptik.Q.17206

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Enumerates connected drives

    • Process spawned suspicious child process

      This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.
